Security vulnerabilities

  • Status Closed
  • Assigned To
    cbay
  • Private
Attached to Project: Security vulnerabilities
Opened by lostsam - 30.05.2024
Last edited by cbay - 05.06.2024

FS#52 - Direct IP Access of the Domain on HTTP

Hello Team,
My name is Pawan Yadav, a cyber security researcher from India. While testing one of your domains, I have found a vulnerability in your site.

Here is the detailed report:

Vulnerability Description :-
Direct IP access refers to the ability to access a website or service directly via its IP address rather than its domain name (e.g., http://185.31.40.186/ instead of https://admin.alwaysdata.com/login/?next=/ ). Direct IP access can bypass certain security controls implemented at the domain level, potentially exposing sensitive information or allowing unauthorized access to resources.

Attack Vector :-
An attacker can directly access the web application by using its IP address, bypassing domain-based security controls such as Web Application Firewalls (WAFs), IP filtering, or access controls based on the domain name.
Domain :- https://admin.alwaysdata.com/login/?next=/
Direct IP Access :- http://185.31.40.186/
Reference :-
https://www.nexgi.com/digital-library/direct-ip-access/

Impact :-

Denial of Service: Direct IP-address access has its own set of issues. For starters, it increases the chances to encounter a Distributed Denial of Service attack.
Data Interception: Attackers can intercept and read sensitive information transmitted between the server and clients, such as login credentials, personal information, and payment details.
Man-in-the-Middle Attacks: This vulnerability enables attackers to intercept and potentially alter the communication between the server and client, leading to unauthorized data modification or injection of malicious content.
Loss of User Trust: A lack of HTTPS can undermine the trust and credibility of the website among its users, potentially leading to decreased user engagement and conversions.

POC

https://drive.google.com/file/d/19idNkDidehPI_SR3qQfvArwgCSji7elc/view?usp=sharing
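The "domain-level control" the report refers to is, in practice, a Host-header allowlist: the server only serves application content when the request names an expected domain, and answers anything else (an IP literal, a stray vhost) with a generic error. The following is an added example, not alwaysdata's code and not part of the original report, showing that check as a small WSGI middleware in the style of Django's ALLOWED_HOSTS; the allowed domain is taken from the report, and the request driver and its environ are constructed for the demo. It handles the port suffix and bracketed IPv6 literals that a raw Host header can carry.

```python
"""Host-header allowlist as WSGI middleware (constructed example)."""

# Domain from the report; a real deployment lists every served hostname.
ALLOWED_HOSTS = {"admin.alwaysdata.com"}


def effective_host(environ):
    """Return the lowercase hostname from the Host header, without a port."""
    host = environ.get("HTTP_HOST") or environ.get("SERVER_NAME", "")
    if host.startswith("["):
        # Bracketed IPv6 literal, e.g. "[::1]:8000" -> "::1"
        return host.split("]", 1)[0][1:].lower()
    if ":" in host:
        # "example.com:443" -> "example.com"
        host = host.rsplit(":", 1)[0]
    return host.lower()


def host_allowed(host, allowed=ALLOWED_HOSTS):
    """Exact match against the allowlist; IP literals never match."""
    return host in allowed


class HostAllowlist:
    """Reject requests whose Host header is not an expected domain."""

    def __init__(self, app, allowed=ALLOWED_HOSTS):
        self.app = app
        self.allowed = allowed

    def __call__(self, environ, start_response):
        if not host_allowed(effective_host(environ), self.allowed):
            # Generic response: no application content, no redirect hint.
            start_response("400 Bad Request",
                           [("Content-Type", "text/plain")])
            return [b"Bad Request\n"]
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    """Stand-in for the protected application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"login page\n"]


def request(app, host, path="/login/"):
    """Drive a WSGI app with a constructed environ; return (status, body)."""
    captured = []

    def start_response(status, headers, exc_info=None):
        captured.append(status)

    environ = {
        "REQUEST_METHOD": "GET",
        "PATH_INFO": path,
        "HTTP_HOST": host,          # constructed header value
        "SERVER_NAME": "localhost",
        "wsgi.url_scheme": "http",
    }
    body = b"".join(app(environ, start_response))
    return captured[0], body


if __name__ == "__main__":
    app = HostAllowlist(demo_app)
    for host in ("admin.alwaysdata.com", "185.31.40.186", "[::1]:8000"):
        status, body = request(app, host)
        print(f"Host: {host:<22} -> {status}")
```

Run stand-alone, the script shows the domain request reaching the application and the IP-literal requests stopped at the middleware. Note what this does and does not cover: it keeps application content from being served under an unexpected Host value, which is the concern the report describes, but it says nothing about transport security, and if a WAF or reverse proxy sits in front of the origin, the origin must still be unreachable except through that proxy for the proxy's own controls to apply.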
Closed by cbay
05.06.2024 21:25
Reason for closing: Invalid
Admin
cbay commented on 30.05.2024 07:20

Hello,

As far as I know, accessing our website through its IP address doesn't pose any security risk. If you think it does, you have to show a precise proof of concept.

Kind regards,
Cyril
