Description

One or more strings matching an internal IPv4 address were found. These IPv4 addresses may disclose information about the IP addressing scheme of the internal network. This information can be used to conduct further attacks.

The significance of this finding should be confirmed manually.

Remediation

Prevent this information from being displayed to the user.

References

Internal IP Address Disclosure | Invicti

Related Vulnerabilities

Consul API publicly exposed

WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Information Disclosure (2.7.6)

WordPress Plugin Download Shortcode Arbitrary File Disclosure (0.1)

WordPress Plugin User Profile Picture Information Disclosure (2.4.0)

WordPress Plugin BackupBuddy Arbitrary File Download (8.7.4.1)

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Internal IP Disclosure