azure-traffic-manager

1 article
Sort: New Top Best
clear filter
bug-bounty621 facebook431 xss316 google103 rce101 csrf60 microsoft59 web354 account-takeover53 writeup50 apple42 sqli41 cve35 ssrf34 exploit33 dos31 privilege-escalation28 defi28 cloudflare27 smart-contract-vulnerability25 idor24 subdomain-takeover24 ethereum23 clickjacking23 smart-contract23 vulnerability-disclosure21 access-control21 auth-bypass19 malware19 remote-code-execution18 lfi17 cors16 race-condition15 cloud15 reverse-engineering14 authentication-bypass14 solidity14 oauth12 browser12 info-disclosure12 aws12 sql-injection11 delegatecall11 denial-of-service11 phishing11 web-application-security10 vulnerability9 buffer-overflow9 web-security9 token-theft9
0
Subdomain takeover Starbucks (Part 2)
bug-bounty

A subdomain takeover vulnerability was discovered on Starbucks where an unclaimed CNAME pointing to a non-existent Azure Traffic Manager subdomain (s00149tmppcrpt.trafficmanager.net) could be hijacked by registering the Traffic Manager profile without domain ownership verification. The researcher was awarded a $2,000 bounty for this finding.

subdomain-takeover azure azure-traffic-manager dns cname nxdomain bug-bounty domain-takeover misconfiguration security-research
Starbucks Microsoft Azure Azure Traffic Manager wfmnarptpc.starbucks.com s00149tmppcrpt.trafficmanager.net trafficmanager.net Patrik Hudak
0xpatrik.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details