Internal IP Disclosure

Description

Kayran has detected an internal IPv4 address in your system.
Internal IP Disclosure means that the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

These IPv4 addresses could expose information about the IP addressing scheme being used in your internal network.

That could be very dangerous to your business if SSRF (server-side request forgery), RFI (remote file inclusion) or LFI (local file inclusion) is possible.
In that case, the attacker can obtain more information about the internal network, making their attacks more dangerous.

Recommendation

To prevent any Internal IP Disclosure, make sure that these IP addresses are not displayed to any unauthorized actors.
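
One way to check outbound responses for this and redact what is found, as an added example (not Kayran's detection logic and not code from the original page). It assumes "internal" means the RFC 1918 private ranges; the function names and the sample response are constructed for illustration.

```python
import ipaddress
import re

# Assumption: "internal" means the RFC 1918 private IPv4 ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Dotted quad that is not part of a longer dotted number such as a version string.
CANDIDATE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")


def is_internal(text):
    """True if text is a valid IPv4 address inside one of INTERNAL_NETS."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ValueError:  # not a valid address, e.g. an octet above 255
        return False
    return any(addr in net for net in INTERNAL_NETS)


def find_internal_ips(headers, body):
    """Return sorted (location, address) pairs for every internal IP in a response."""
    sources = [(f"header:{k}", v) for k, v in headers.items()] + [("body", body)]
    return sorted({(loc, m.group()) for loc, text in sources
                   for m in CANDIDATE.finditer(text) if is_internal(m.group())})


def redact(text, placeholder="[redacted]"):
    """Replace internal addresses in outbound text, leaving public ones intact."""
    return CANDIDATE.sub(
        lambda m: placeholder if is_internal(m.group()) else m.group(), text)


# Constructed sample response (not captured from a real system).
SAMPLE_HEADERS = {
    "Location": "http://10.20.30.40:8080/login",
    "Via": "1.1 proxy01 (172.31.5.9)",
    "Server": "ExampleHTTPD/10.0.0.1.2",  # version string, not an address
}
SAMPLE_BODY = ("<!-- upstream 192.168.1.15 --> Contact 203.0.113.7. "
               "Error connecting to 172.32.0.1 and 10.0.0.256")

if __name__ == "__main__":
    for location, address in find_internal_ips(SAMPLE_HEADERS, SAMPLE_BODY):
        print(location, address)
```

Redirect and proxy headers are checked alongside the body because both can carry a backend address that never appears in the rendered page.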

References

https://cwe.mitre.org/data/definitions/200.html
