📄

Report #25425

Report Date
November 5, 2023
Status
Closed
Payout

netlify-takeover

Report Info

Report ID

#25425

Report type

Websites and Applications

Has PoC?

Yes

Target

Impacts

Subdomain takeover other than app.bean.money

Description

Hello Team I Keyur Maheta found security issue in your system {HIGH}

severity: high

TiTLE netlify--takeover

Description:

The website https://analytics.bean.money/ is vulnerable to a "Netlify Takeover" vulnerability. Netlify is a cloud hosting service commonly used to deploy and manage websites. In a Netlify takeover vulnerability, an attacker can claim ownership of a Netlify subdomain, effectively taking control of the website hosted on that subdomain. This type of attack can lead to unauthorized access, defacement, or even the theft of sensitive user data. The vulnerability occurs due to misconfiguration or poor management of the Netlify subdomain.

reference:

Also inform me if you grant bounty on this i want to double check with my wallet address Best regards, Keyur

Proof of concept

Step To Reproduce https://analytics.bean.money

Immunefi Response

Immunefi has reviewed this vulnerability report and decided to close since being out of scope for Beanstalk bug bounty program.
  • claimed impact by the whitehat is in scope for the bug bounty program
  • claimed asset by the whitehat is in scope for the bug bounty program
  • PoC has not been submitted to the project
  • claimed severity is in scope for the bug bounty program

Since this bug bounty program does not require Immunefi's triaging, note that Immunefi does not:

  • check if whitehat's claims are factually correct
  • check PoC to understand the validity
  • assess the submission's severity

These activities are the project's responsibility.

The project will now be automatically subscribed and receive a report of the closed submission and can evaluate if they are interested in re-opening it. However, note that they are not under any obligation to do so.