Ola Internal IP Disclosure

During the subdomain enumeration, I got a subdomain, which is:
https://vpn-blr-egl.olacabs.com/

It uses the Cisco VPN service, with different Ola group names such as:
1. Developers
2. Ola_VPN

Cisco Systems VPN Client is a software application for connecting to a virtual private network.
The headers of this HTTP request disclose the internal IP address of the Ola infrastructure.

This information can help an attacker identify other vulnerabilities, or it may help during the exploitation of other identified vulnerabilities. Apart from that, it discloses information about the IP addressing scheme of the internal Ola network.
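To check a gateway you operate for this kind of leak, the following added example (not part of the original post) scans the header block of a captured HTTP response for RFC 1918 addresses. It assumes the address appears in a response header; the sample response and all header values are constructed, since the post does not say which header carried the address.

```python
import ipaddress
import re

# Candidate dotted-quad tokens; real validation is done by ipaddress below.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# RFC 1918 private ranges only (loopback and link-local are not reported).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample response, for illustration only.
SAMPLE = (
    "HTTP/1.1 302 Found\r\n"
    "Server: example-gateway\r\n"
    "Location: https://10.20.30.40/login\r\n"
    "Set-Cookie: sid=abc; Domain=192.168.1.5\r\n"
    "X-Version: 1.2.3.4\r\n"        # public address, not flagged
    "X-Build: 172.32.0.1\r\n"       # just outside 172.16.0.0/12, not flagged
    "\r\n"
    "body mentioning 10.0.0.1 is ignored"
)

def find_internal_ips(raw_response: str):
    """Return sorted (header_name, ip) pairs for RFC 1918 addresses in headers."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    hits = set()
    for line in head.split("\r\n")[1:]:      # skip the status line
        name, sep, value = line.partition(":")
        if not sep:
            continue                          # not a "Name: value" header line
        for token in IPV4_RE.findall(value):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue                      # e.g. 999.1.1.1 is not an address
            if any(addr in net for net in RFC1918):
                hits.add((name.strip().lower(), token))
    return sorted(hits)

if __name__ == "__main__":
    for header, ip in find_internal_ips(SAMPLE):
        print(f"internal address {ip} exposed in header '{header}'")
```

Any hit is a header to rewrite or strip at the gateway or reverse proxy before the response leaves the network.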



Thank you 
Dhiraj
