We found 0days in Modern Honey Network, a product by ThreatStream. They allow a remote attacker, using a CSRF technique, to perform unauthorized actions on the global frontend of the honeypots. For example, an attacker can add an administrator, modify the password of an administrator, delete the current administrators, etc. After that, the attacker can have global control of the honeypot fleet. In some cases, this can allow the attacker to take control of the systems running the honeypots (remote shell). The vendor and the US CERT were contacted. A patch will be provided. US CERT said there would be no CVE and no security bulletin.