
SNI proxy SSRF vulnerabilities: Misconfigurations, exploitation, and defense

SNI proxy SSRF is a lesser-known but high-impact vulnerability class where misconfigured proxies route traffic based on attacker-controlled TLS metadata. Under specific conditions, this can expose internal services and even cloud metadata endpoints in AWS and Azure. This article explains how these attacks work, when they are exploitable, and how to defend against them.

The post SNI proxy SSRF vulnerabilities: Misconfigurations, exploitation, and defense appeared first on Acunetix.

*** This is a Security Bloggers Network syndicated blog from Web Security Blog | Acunetix authored by Zbigniew Banach. Read the original post at: https://www.acunetix.com/blog/web-security-zone/sni-proxy-misconfiguration-ssrf-vulnerabilities/