Germany’s CERT-Bund issues warning about Sphinx web servers exposed on the internet. Sphinx is a popular open-source text search server. It is available for Linux, Windows, macOS, Solaris, FreeBSD, and a few other operating systems. The organization highlights that Sphinx lacks any authentication mechanisms. Admins have a simple way to check if their servers can be reached from the internet, using standard tools available in Linux/Unix systems. Many of the versions we noticed on Shodan were outdated.
Source: https://www.bleepingcomputer.com/news/security/exposed-sphinx-servers-are-no-challenge-for-hackers/

