Any comments on this vulnerability in rtorrent. https://f5.com/labs/articles/threat-intelligence/malware/rtorrent-client-exploited-in-the-wild-to-deploy-monero-crypto-miner
Are the vulnerable services switched off by default in Quickbox?
Auth for rutorrent is activated and rtorrent port is not exposed to public
A. Short answer:
don’t use network.scgi.open_port
use network.scgi.open_local instead
Command Deprecated Commands
network.scgi.open_local scgi_local
network.scgi.open_port scgi_port
quickbox .rtorrent.rc
scgi_port = localhost:30713
-> so vulnerability?!