Redirects to HTTPS eventually, but initial redirection is to another HTTP URL

OWASP 2013-A10 OWASP 2017-A6 CWE-601 WSTG-CLNT-04

This finding is raised when a web application, requested over HTTP, first redirects to another HTTP URL and only reaches HTTPS after a further redirect. An attacker can exploit this weakness by tampering with the redirect target, which is not properly validated, and sending the user to a different host: untrusted URL input becomes a redirect to a malicious site. Because the server name in the modified link is identical to the original site, a phishing link built this way appears legitimate, and the attacker can use it to steal user credentials from the application.
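To make the finding concrete, the following added example (not part of the original page, and not Beagle's scanner code) walks a redirect chain and reports any hop after the first request that is still served over plain HTTP. The response tables, the host names under example.test and the function names are all constructed for the example so that it runs offline; in a live check the table would be replaced by the Location headers a client actually receives.

```python
"""Flag redirect chains that pass through plain-HTTP URLs before ending on HTTPS."""
from urllib.parse import urljoin, urlparse

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def resolve_chain(start_url, responses, max_hops=10):
    """Follow redirects using a constructed table of url -> (status, Location).

    The table stands in for live HTTP responses so the check runs offline.
    Returns the ordered list of URLs visited, starting with `start_url`.
    Raises RuntimeError on a loop or when `max_hops` is exceeded.
    """
    chain = [start_url]
    url = start_url
    for _ in range(max_hops):
        status, location = responses.get(url, (200, None))
        if status not in REDIRECT_STATUSES or not location:
            return chain
        # Location may be relative; resolve it against the current URL.
        url = urljoin(url, location)
        if url in chain:
            raise RuntimeError("redirect loop at %s" % url)
        chain.append(url)
    raise RuntimeError("more than %d redirects" % max_hops)


def insecure_hops(chain):
    """Every URL after the initial request that is still reached over HTTP."""
    return [u for u in chain[1:] if urlparse(u).scheme == "http"]


def host_changes(chain):
    """Pairs of (from_host, to_host) where a redirect moved to a different host."""
    hosts = [urlparse(u).hostname for u in chain]
    return [(a, b) for a, b in zip(hosts, hosts[1:]) if a != b]


def assess(start_url, responses):
    """Summarise a chain; `finding` is True when an HTTP hop precedes the HTTPS endpoint."""
    try:
        chain = resolve_chain(start_url, responses)
    except RuntimeError as exc:
        return {"chain": None, "error": str(exc), "finding": False}
    bad = insecure_hops(chain)
    ends_on_https = urlparse(chain[-1]).scheme == "https"
    return {
        "chain": chain,
        "insecure_hops": bad,
        "host_changes": host_changes(chain),
        "ends_on_https": ends_on_https,
        "finding": bool(bad) and ends_on_https,
    }


# Constructed sample chains (not real sites).
WEAK = {  # http -> http (different host) -> https: the pattern this page describes
    "http://example.test/": (301, "http://www.example.test/"),
    "http://www.example.test/": (301, "https://www.example.test/"),
    "https://www.example.test/": (200, None),
}
FIXED = {  # http -> https directly; the only plaintext request is the first one
    "http://example.test/": (301, "https://www.example.test/"),
    "https://www.example.test/": (200, None),
}

if __name__ == "__main__":
    for name, table in (("weak", WEAK), ("fixed", FIXED)):
        print(name, assess("http://example.test/", table))
```

Only hops after the initial request are counted, because the first request in such a scan is deliberately made over HTTP; the `host_changes` list is reported separately so that a reviewer can see where the chain leaves the original host, which is the hop the page's phishing scenario depends on.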

Impact

Using this vulnerability, an attacker can:

  • redirect the user to a malicious site to steal information/data.
  • show user false data which will, in turn, affect the credibility of the website.

Mitigation / Precaution

Beagle recommends the following:

  • Remove redirect from the application.
  • Disable HTTP completely from the application.
