Rtorrent vulnerability


Any comments on this vulnerability in rtorrent. https://f5.com/labs/articles/threat-intelligence/malware/rtorrent-client-exploited-in-the-wild-to-deploy-monero-crypto-miner

Are the vulnerable services switched off by default in Quickbox?


Auth for rutorrent is activated and rtorrent port is not exposed to public


A. Short answer:

don’t use network.scgi.open_port
use network.scgi.open_local instead

Command Deprecated Commands
network.scgi.open_local scgi_local
network.scgi.open_port scgi_port

quickbox .rtorrent.rc

scgi_port = localhost:30713

-> so vulnerability?!