Quick Summary RDP Without Network Level Authentication (NLA) is a security misconfiguration where the Remote Desktop Protocol (RDP) service allows connection attempts without requiring pre-authentication at the transport layer. When NLA is disabled, the server allocates system resources before user…

Quick Summary SNMP Private Community String Exposed is a network service misconfiguration where the SNMP service allows access using the default or weak “private” community string. Unlike the “public” string (read-only), the “private” community string often provides read-write access, allowing…

Quick Summary SNMP Public Community String Configured is a network service misconfiguration where the Simple Network Management Protocol (SNMP) service is accessible using the default community string “public.” This allows unauthorized users to query system information, network configuration, and device…

Quick Summary Telnet Service Enabled on Production Server is a network service misconfiguration where the Telnet protocol is enabled and accessible on a production environment. Telnet transmits credentials and session data in cleartext, making it vulnerable to interception, credential theft,…

Quick Summary Anonymous FTP Access Enabled is a network service misconfiguration where the FTP server allows users to authenticate using the username anonymous without requiring valid credentials. This may allow unauthorized users to browse directories, download sensitive files, and potentially…

Quick Summary SMB Signing Not Required is a network service misconfiguration where the SMB server does not enforce message signing. This allows attackers to perform SMB relay attacks, potentially leading to unauthorized access, credential relay, and lateral movement within the…