Namecheap Cross-site Request Forgery Vulnerability - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner

Breaking

Namecheap Cross-site Request Forgery Vulnerability

Security researcher Henry Hoggard has discovered a cross site request forgery(CSRF) vulnerability in the Namecheap website that could lead attackers to hijack the DNS records.


Namecheap’s DNS setup page was vulnerable to Cross Site Request Forgery, allowing attackers to set custom DNS servers for a target domain.

The researcher announced this vulnerability on their Blog. Which would let attackers hijack the DNS records and display a fake website on the target domain. Or redirect MX records and intercept email.


Hoggard said, This would have impacted all customers, which I’m sure is a lot of high profile websites, as Namecheap is one of the most popular domain registrars.

Namecheap implemented the vulnerability fix on their end. No user interaction is required to apply the patch.




Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter

No comments:

Post a Comment