The remote host is running the Apache OFBiz with default administrator username and password. Apache OFBiz is an Apache Top Level Project. As automation software it comprises a mature suite of enterprise applications that integrate and automate many of the business processes of an enterprise.
This allow an attacker to gain administrative access to the remote application
You must change the default settings if you want to run it for production purposes, please refer to Apache OFBiz documentation, for further information on how to do this
- Null HTTPd Server Content-Length HTTP Header Buffer overflow Vulnerability
- Xerver HTTP Server Web Administration Denial of Service Vulnerability
- Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability
- IBM WebSphere Application Server WS-Security Policy Unspecified vulnerability
- ModSecurity Multiple Remote Denial of Service Vulnerabilities