Sergey Gordeychik
Denis Kolegov
Antony Nikolaev
The goal of this paper is to provide the results of passive and active fingerprinting for SD-WAN systems using a common threat intelligence approach. We explore Internet-based and cloud-based publicly available SD-WAN systems using well-known “Shodan” and “Censys” search engines and custom developed automation tools and show that most of the SD-WAN systems have known vulnerabilities related to outdated software and insecure configuration.
Write-up
nmap NSE scripts
Shodan scripts
Enjoy
No comments:
Post a Comment