What is the vulnerability of Unauthenticated Blind SSRF via DNS Rebinding in WP version 6.1.1 and lower?

asked 2022-04-22 11:00:00 +0000

bukephalos
21 ●4 ●3

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2021-04-11 15:00:00 +0000

scrum
21 ●2 ●2

Unauthenticated Blind SSRF via DNS Rebinding vulnerability in WP version 6.1.1 and lower allows unauthenticated attackers to perform server-side request forgery (SSRF) attacks. This vulnerability occurs when an attacker can control the DNS settings of their victim's network or machine, which they can then use to redirect requests from the vulnerable application to their own server or arbitrary servers. This could potentially allow an attacker to bypass security measures and gain access to sensitive data or execute arbitrary code on the server, leading to various types of attacks such as data exfiltration or complete server takeover.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss

Add Answer

Question Tools

Stats

Asked: 2022-04-22 11:00:00 +0000

Seen: 20 times

Last updated: Apr 11 '21

What is the vulnerability of Unauthenticated Blind SSRF via DNS Rebinding in WP version 6.1.1 and lower? edit

1 Answer