
Host Header Injection

Impact: Medium

Description

When processing an incoming HTTP request, the web server needs to know which component or virtual host should handle the request. The Host HTTP header is used for this purpose. All HTTP headers, including the Host header, are user-controlled data. If the application uses the value of any HTTP header without validation, it is exposed to header injection. Host header injection lets an attacker influence the response, enabling arbitrary redirection, web cache poisoning, and information disclosure (for example, password-reset links that embed the attacker-supplied host).

Recommendation

Do not rely on the value of request headers when generating URLs, redirects, or links. If the application must use the Host header, accept only values that match a whitelist of hostnames the application is known to serve, and fall back to a configured canonical hostname otherwise.
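The following added example (not SmartScanner's code, and not taken from this page) contrasts the two behaviours the description and recommendation refer to. A password-reset link built from an untrusted Host header is shown beside a hardened version that normalizes the header and checks it against a fixed allowlist. The hostnames, the `ALLOWED_HOSTS` set, and the request headers are constructed sample values.

```python
import re
from urllib.parse import urlunsplit

# Constructed allowlist: the hostnames this deployment is configured to serve.
ALLOWED_HOSTS = {"example.com", "www.example.com"}
CANONICAL_HOST = "example.com"


def build_reset_link_unsafe(headers: dict, token: str) -> str:
    """Vulnerable: trusts the client-supplied Host header when building an absolute URL."""
    host = headers.get("Host", CANONICAL_HOST)
    # Whatever the client sent becomes the authority part of the link.
    return urlunsplit(("https", host, "/reset", f"token={token}", ""))


def normalize_host(raw: str):
    """Return the lowercase hostname without port, or None if the value is malformed."""
    host = raw.strip().lower()
    if not host:
        return None
    # Split off an optional ":port". IPv6 literals ("[::1]:443") are not expected
    # for this deployment and fail the character check below.
    host, _, port = host.partition(":")
    if port and not port.isdigit():
        return None
    # Only DNS hostname characters are accepted; anything else is rejected outright.
    if not re.fullmatch(r"[a-z0-9.-]+", host):
        return None
    return host


def is_allowed_host(raw: str) -> bool:
    """Exact-match check against the allowlist after normalization (no suffix/prefix matching)."""
    host = normalize_host(raw)
    return host is not None and host in ALLOWED_HOSTS


def build_reset_link_safe(headers: dict, token: str):
    """Hardened: the Host header may only select one of the allowlisted names.

    Returns None when the header is missing or not allowlisted; the caller should
    respond with 400 rather than fall back to the untrusted value.
    """
    raw = headers.get("Host", "")
    if not is_allowed_host(raw):
        return None
    return urlunsplit(("https", normalize_host(raw), "/reset", f"token={token}", ""))


def pick_canonical_host(headers: dict) -> str:
    """Alternative mitigation: ignore Host entirely and always use the configured name."""
    return CANONICAL_HOST


if __name__ == "__main__":
    tampered = {"Host": "not-our-host.invalid"}   # constructed sample request
    legit = {"Host": "WWW.Example.com:443"}       # constructed sample request
    print("unsafe  :", build_reset_link_unsafe(tampered, "t0k3n"))
    print("safe    :", build_reset_link_safe(tampered, "t0k3n"))
    print("safe ok :", build_reset_link_safe(legit, "t0k3n"))
```

The allowlist check is an exact match after normalization; matching on a suffix such as `endswith("example.com")` would accept `example.com.not-our-host.invalid`, which is why the hardened version compares the whole hostname. Where the application has a single public hostname, `pick_canonical_host` shows the simpler option the recommendation prefers: never read the header at all.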

Last updated on December 12, 2021
