BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon

April 25, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct at the time of posting.

Program

Program Information

doi vdp

doi vdp

Program Details

Details

Additional Information

  • Priority: P5

While doing some security research I stumbled upon some information via manual url tampering. This information MAY be public knowledge which is why I submitted this as informational.After researching it appears that this is a function of Pulse Connect Secure as it allows the creation of a custom help page. But since there doesn’t appear to be any “help” links on the login page I’m not sure if this function needs to be enabled, so I figured it would be a good idea to report it. Mainly because it seems to give away the username format, links to what appear to be vpns, as well as the direct e-mail of who to contact if there was an issue logging in. This information may be of use for bad actors.To reproduce the issue just visit the link https://pm.doi.gov/dana-na/auth/url_c8x42cdx6wWwu0xF/welcome.cgi?p=helpThe original url passed the parameter p=no_cert I changed that to p=help.

Full Report (Source)

Submitted By

Submitter Information

  • Hacker Points: 0
  • Hacker Accuracy: 100.0%
  • Hacker Rank: 119639th

murderfalcon

Submitter Profile

Tags: , ,

You may have missed

alerts

Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

April 25, 2024
image

CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

April 25, 2024
hkcert

Cisco Products Multiple Vulnerabilities

April 25, 2024
HIBP Banner 1

T2 – 94,584 breached accounts

April 25, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

April 25, 2024