Details
Alert Id 110006
Alert Type WebSocket Passive
Status release
Risk Low
CWE
WASC
Technologies Targeted All
Tags

Summary

A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the incoming WebSocket message. This information might be helpful for further attacks targeting internal systems.

Solution

Remove the private IP address from the WebSocket messages.

References

Code

scripts/templates/websocketpassive/Private IP Disclosure.js