For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and the Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize all security update releases here, but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.
NGINX Variable Disclosure (Crowdsource submission)
Through Crowdsource we are able to stay up-to-date with new methods the moment they are reported on different channels. This week we implemented a check for disclosure of internal Nginx variables. This was described in a Russian HackerOne report about two months ago. Kudos to the reporter, as this took some out-of-the-box thinking to find.
While much of this release covers vulnerabilities that are uniquely found or hard to categorize, a few CVEs have also been implemented. One example is the path traversal issue in one of Cisco's products. Given that Cisco is widely used, this could be impacting many companies at the moment. To ensure the quality of the report, we check for the actual vulnerability and not just the running version.
Practical Web Cache Poisoning
Something that has taken up much of the security researchers' time is the recent blog post by Portswigger, Practical Web Cache Poisoning. There are still things to do there: some research areas not mentioned in the blog post have already been implemented in our scanner. The potential impact varies from being able to control otherwise harmless content on a page to obtaining a stored XSS.
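To make the mechanism behind that impact range concrete, here is an added, self-contained Python model of web cache poisoning through an unkeyed request header. It is not Detectify's or Portswigger's code; the origin behaviour, the `X-Forwarded-Host` header, the hostnames and the in-memory cache are all constructed for illustration. It shows why a cache that keys only on the path serves one visitor's tampered response to everyone, and why either keying on the header or having the origin ignore it removes the stored effect.

```python
"""Toy model: a shared cache in front of an origin that reflects an unkeyed header.

All components (origin, cache, requests) are constructed for this example.
"""
from dataclasses import dataclass


@dataclass
class Request:
    path: str
    headers: dict


def reflecting_origin(req: Request) -> str:
    """Hypothetical origin that builds an absolute URL from X-Forwarded-Host.

    The header is not part of the cache key and is copied into the page
    unencoded, so whoever sets it controls the script source for that response.
    """
    host = req.headers.get("X-Forwarded-Host", "www.example.test")
    return f'<script src="https://{host}/static/app.js"></script>'


def hardened_origin(req: Request) -> str:
    """Hardened origin: the canonical host is fixed server-side, the header is ignored."""
    return '<script src="https://www.example.test/static/app.js"></script>'


class Cache:
    """Minimal shared cache. Only the path plus the listed headers form the key."""

    def __init__(self, key_headers=()):
        self.store = {}
        self.key_headers = tuple(key_headers)

    def key(self, req: Request):
        return (req.path,) + tuple(req.headers.get(h, "") for h in self.key_headers)

    def fetch(self, req: Request, backend) -> str:
        k = self.key(req)
        if k not in self.store:          # cache miss: ask the origin and store the answer
            self.store[k] = backend(req)
        return self.store[k]             # cache hit: everyone with this key gets this body


def simulate(backend, key_headers=()) -> str:
    """Return what an ordinary visitor receives after one tampered request was cached."""
    cache = Cache(key_headers)
    tampered = Request("/", {"X-Forwarded-Host": "evil.test"})   # constructed input
    visitor = Request("/", {})                                    # sends no such header
    cache.fetch(tampered, backend)   # first request populates the shared cache entry
    return cache.fetch(visitor, backend)


def is_poisoned(body: str) -> bool:
    """Detection check: does the body carry a host the origin never intended?"""
    return "evil.test" in body


if __name__ == "__main__":
    print("unkeyed header, reflecting origin :", is_poisoned(simulate(reflecting_origin)))
    print("header added to cache key         :",
          is_poisoned(simulate(reflecting_origin, ["X-Forwarded-Host"])))
    print("origin ignores the header         :", is_poisoned(simulate(hardened_origin)))
```

Adding the header to the cache key stops the stored variant but still leaves a per-request reflection for anyone who can set the header on their own connection, so the origin-side fix (ignore or strictly validate forwarded host headers) is the one to prefer; the cache key change is defence in depth. When checking a real deployment, use a unique cache-busting query parameter per probe so the check itself never seeds a poisoned entry that other users could receive.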
We added several findings for different types of authentication bypasses, with inspiration from the Portswigger article and the past experience of our security researchers. While implementing this and running it against our own test environment, we were able to bypass authentication in ways that were not even supposed to be tested – a clear sign this will probably affect many out there!
Customer feedback on false positives
We now check for more administration tools that are exposed to the internet and improved accuracy on existing modules to prevent false positives. Thanks for reporting findings to us so that we can continue to improve our tool!
Questions or comments on our latest security updates? Let us know in the comments below!
Detectify is a continuous web scanning and monitoring service that can be set up for automated scanning for 1000+ known vulnerabilities, including the OWASP Top 10. Check for the latest vulnerabilities!