2025-05-29 12:29:33
rapid7
PUBLISHED
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.