Top Web Application Vulnerabilities
The Vulnerabilities that Most Reduce Network Security
The beSECURE vulnerability assessment product line produces accurate and false-positive-free vulnerability scan results. Results from beSECURE systems around the world have been compiled here into the most accurate picture available of the most common network security vulnerabilities that are also most commonly sought out by attackers.
We’ve included the OWASP Top Ten as well as hundreds more from vulnerability lists compiled from results provided anonymously by thousands of customers across hundreds of thousands of scans shared annually with Beyond Security. Vulnerability frequency is compiled into three groups of 100: High risk, Medium risk and Low risk.
The vast majority of network attacks focus on the weaknesses that are most often found and most easily exploited. Drive-by attacks work by looking for a single common vulnerability, the ‘low-hanging fruit’, and only later deciding whether any of the hacked network is of interest. Targeted attacks will use the most common vulnerabilities list to form a path from first contact to capturing the flag.
In either attack scenario, a network that has any of these most common 100 vulnerabilities *looks* like it is weak and invites attack. You may have 4 attack dogs in your warehouse for overnight protection, but if you leave the loading door unlocked, you have just increased the chance that someone will try to enter. Yes, keep the dogs, but please also lock the door.
These common vulnerabilities are the most likely paths of attack regardless of how an attacker got their first foothold. An attacker’s first step might be through phishing, access control bypass, endpoint attack, etc., but that’s just the first point of contact. The most valuable targets are deeper in the network and hackers WILL search for the easiest path available.
Most Common High Risk Vulnerabilities:
94. radmin Detection
Here are the Most Common Medium Risk Vulnerabilities:
20. Non-SSL Login
27. WebDAV Detection
45. Shell Detection
75. rsh Detection
100. Directory Disclosure
102. Chargen Detection
Here are the Most Common Low Risk Vulnerabilities:
18. RPC Portmapper
20. Telnet Detection
24. Device Type
35. SLP Detection
44. TFTPd Detection
Written by Beyond Security
We had an impossible mission: transform the hacker's brain into a machine. Mission accomplished. Using automated software, Beyond Security is dedicated to finding common vulnerabilities and zero-day exploits at a fraction of the cost of human-based penetration testing. Businesses around the world have been relying on Beyond Security's vulnerability and compliance solutions since 1999. Whether you need to accurately assess and manage security weaknesses in your networks, applications, industrial systems or networked software, we're here for you - one step ahead of the hackers.