0.0.0.0 Day: Exploiting Localhost APIs from the Browser
Oligo Security revealed the "0.0.0.0 Day" vulnerability affecting major web browsers, enabling malicious sites to exploit local services. Browser developers are working on updates to mitigate this risk.
Oligo Security has disclosed a significant vulnerability known as "0.0.0.0 Day," which affects all major web browsers and allows malicious websites to bypass browser security measures and interact with services on the local network. The vulnerability arises from inconsistent security implementations across browsers: by addressing requests to the IP address 0.0.0.0 instead of the usual localhost address, an attacker-controlled page can reach local services that the browser would otherwise protect. The issue poses a risk of unauthorized access and remote code execution on local devices, affecting both individuals and organizations. Active exploitation campaigns, such as ShadowRay, highlight the urgency of addressing this flaw. In response, browser developers are working on updates to block access to 0.0.0.0; Google Chrome and Apple Safari have already implemented measures to mitigate the vulnerability, and Mozilla Firefox is planning to block 0.0.0.0 in the future, although it currently lacks an immediate fix. The rise in websites communicating with 0.0.0.0 underscores the need for a standardized approach to browser security, as the lack of uniformity has allowed this vulnerability to persist.
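Until every browser blocks 0.0.0.0, a local service can defend itself by refusing requests that are not addressed to a recognised loopback name and that carry a foreign Origin. The following is an added example illustrating that check; it is not Oligo Security's code, and the handler, port and allow-list are assumptions for the demonstration.

```python
"""Added example: a loopback-only HTTP service that rejects requests addressed to
0.0.0.0 or issued from a foreign web origin (assumed mitigation, not Oligo's code)."""
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Hostnames a loopback-only service is willing to answer for.  0.0.0.0 is
# deliberately absent: the kernel delivers it to the local listener, but the
# browser treats it as an origin distinct from localhost, which is the bypass.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "::1"}


def host_without_port(value):
    """Strip the port from a Host header; brackets around IPv6 literals are dropped."""
    value = value.strip().lower()
    if value.startswith("["):                 # e.g. "[::1]:8080" -> "::1"
        return value[1:].split("]", 1)[0]
    return value.split(":", 1)[0]             # e.g. "0.0.0.0:8080" -> "0.0.0.0"


def check_request(host_header, origin_header=None):
    """Return (allowed, reason). Rejects unknown Host values and cross-site Origins."""
    if not host_header:
        return False, "missing Host header"
    host = host_without_port(host_header)
    if host not in ALLOWED_HOSTS:
        return False, f"Host {host} not allowed"
    if origin_header is not None:             # browsers send Origin on cross-site fetches
        origin_host = urlsplit(origin_header).hostname
        if origin_host is None or origin_host.lower() not in ALLOWED_HOSTS:
            return False, f"Origin {origin_header} not allowed"
    return True, "ok"


class GuardedHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        allowed, reason = check_request(self.headers.get("Host"), self.headers.get("Origin"))
        if not allowed:
            self.send_error(403, reason)
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.end_headers()
        self.wfile.write(b"local service reached from an allowed origin\n")

    do_POST = do_GET


if __name__ == "__main__":
    # Bind to loopback rather than 0.0.0.0 so the listener is never exposed on every interface.
    HTTPServer(("127.0.0.1", 8080), GuardedHandler).serve_forever()
```

A page on https://evil.example fetching http://0.0.0.0:8080/ arrives with `Host: 0.0.0.0:8080` and `Origin: https://evil.example`, so it is refused on the Host check alone; binding to 127.0.0.1 instead of 0.0.0.0 is the complementary server-side measure.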
- Oligo Security has identified a critical vulnerability affecting major web browsers.
- The "0.0.0.0 Day" vulnerability allows external websites to exploit local network services.
- Browser developers are implementing measures to block access to 0.0.0.0.
- Active exploitation campaigns highlight the urgency of addressing this security flaw.
- A standardized approach to browser security is needed to prevent similar vulnerabilities.
Related
Threat actors quick to weaponize PoC exploits; 6.8% of all internet traffic DDoS
Hackers exploit PoC exploits within 22 minutes of release, leaving little time for defense. Cloudflare advises using AI for quick detection rules. DDoS attacks contribute to 6.8% of daily internet traffic, rising to 12% during major events.
Don't Let Your Domain Name Become a "Sitting Duck"
Over a million domain names are at risk of hijacking due to authentication vulnerabilities in web hosting services. Experts highlight the need for improved DNS management and cooperation among stakeholders to mitigate these risks.
Mac and Windows users infected by software updates delivered over hacked ISP
Hackers compromised an ISP to deliver malware to Windows and Mac users via software updates, affecting multiple applications. Users are advised to avoid insecure updates and use secure DNS protocols.
Apple to Address '0.0.0.0' Security Vulnerability in Safari 18
Apple will address a security vulnerability in Safari 18 affecting macOS Sequoia, Sonoma, and Ventura, blocking malicious requests to the IP address 0.0.0.0, with an update expected later this year.