Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, Triofox. Hackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/hackers-exploit-lfi-flaw-in-file-sharing-platforms-a-29708
