
SAP Router: 8,793 Exposed Systems Worldwide

BSides Frankfurt, 2026. Published 2026-03.
About this talk
Thousands of SAP routers worldwide are exposing version numbers and hostnames. One of them, running on a productive HR system, is directly exposed to the internet, posing a significant remote code execution (RCE) risk. #SAPRouter #CyberSecurity #Vulnerabilities #InfoSec #RCE
Transcript [en]

The RFC gateways for server-to-server communication similarly should not be exposed. Strict guidelines don't do that. There were vulnerabilities in that, and those were... Well, it's not a vulnerability, it's intended by design. When you connect to the service, it doesn't have any authentication, and there's a process allowing you to execute OS commands. Maybe Google for 10KBLAZE or "Gateway to Heaven". Pretty sure they're not connected. Well, to be honest, that scanner indeed found some honeypots, and you can easily identify those: they're responding on all ports.

>> What's super interesting, because I saw some... Wait, how can that thing have 100 ports open? What's going...

>> Yeah, I found some. So it's not cleaned up, but yeah.

RFC gateway. Let's go back to the SAP router. I found 8,793 worldwide. What do they do? They just leak a version number and their hostname. Favorites of mine are like that one. It's the HR productive system that one is running on, and it's exposed to the internet. So think about it: potentially someone could find a vulnerability on that thing that allows them to get remote code execution.