Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mandiant First Response HTTP FRAgent守护程序代理劫持漏洞
Vulnerability Description
Mandiant First Response是一款事件响应工具,用于收集所运行进程、系统服务之类的系统信息。 Mandiant First Response中存在多个安全漏洞,具体如下: 如果HTTP FRAgent守护程序被劫持的话,攻击者就可以控制客户端所发送和处理的响应数据,以及其他一些客户端行为。恶意的进程可以执行中间人攻击,重新定向和修改客户端与合法代理之间的所有请求和响应。攻击者还可以发送特制的HTTP响应,强制客户端访问任意URL和/或下载任意内容。
CVSS Information
N/A
Vulnerability Type
N/A