Skip to content

Instantly share code, notes, and snippets.

@TJetnipat
Last active Jan 22, 2023
Embed
What would you like to do?
A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a HTTP "Host" request header.
Vulnerability: Host Header Injection
Product: Plesk Obsidian
Version: 18.0.49 and below
Tools:
Burp Suite
Mozilla Firefox (as a browser)
Scenario: Attacker could redirect users login page to malicious login page by inject a payload directly into the “Host: ” HTTP request header.
Steps:
1. Access the target website (which Plesk installed) without URL path.
2. Intercept “login.php” request and Modify the “Host: ” HTTP request header value to malicious website. In this case -> attacker.com and then forward the edited request.
3. The target website will redirect to “https://attacker.com/login_up.php” instead of “https:<target>/login.php”.
More step by step screanshot and PoC video:
https://medium.com/@jetnipat.tho/cve-2023-24044-10e48ab940d8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment