Full title: QBOT Botnet C2 Panel -  Authentication Bypass Vulnerability 
Category: remote exploits
Platform: linux
A vulnerability exists in the Qbot botnet C2, in the code that performs the login. A remote attacker can exploit it to bypass the authentication, having the ability to control the botnet and perform action as an authenticated user, like taking control of the botnet.

This Botnet has a lot of variants, which makes it more difficult to categorize it in versions.

Hopefully, all the versions found out there are found to be vulnerable, just minor changes are required for the exploit to work. Most versions out there are vulnerable.


# 0day.today @ http://0day.today/