Zero-Day Vulnerability: 18 Years of Exploiting the ‘0.0.0.0’ Flaw

A study revealed a hidden vulnerability that has plagued the world’s largest browsers for 18 years, leaving private and corporate networks susceptible to cyberattacks. Researchers from Oligo Security discovered that hackers could exploit how browsers handle requests to the IP address 0.0.0.0, redirecting them to private servers like “localhost.”

Dubbed the “0.0.0.0 Day” vulnerability, this technique involves luring victims to malicious websites that send covert requests via 0.0.0.0, potentially accessing sensitive data like developers’ information and internal messages. More alarmingly, it can grant hackers access to victims’ internal networks, opening up a plethora of attack vectors.

Both individuals and companies hosting web servers are vulnerable, with countless systems potentially at risk. Researchers demonstrated the ability to execute malicious code on servers using the Ray AI framework, but the issue extends to any application accessible through 0.0.0.0.

Google’s security developer reported instances of malware exploiting this vulnerability in June. However, Windows users are not affected as Microsoft blocks 0.0.0.0 by default.

Apple plans to address the issue by blocking 0.0.0.0 access in the upcoming macOS 15 Sequoia beta. Google is also considering similar measures for Chromium and Chrome. However, Mozilla, the maker of Firefox, is hesitant due to potential compatibility issues with servers that utilize 0.0.0.0.

While these changes signal a growing emphasis on cybersecurity from tech giants, researchers stress the significant risk of leaving 0.0.0.0 open, believing it exposes vast amounts of previously protected data.

The full findings will be presented at the DEF CON conference in Las Vegas this weekend, shedding further light on this critical security issue. Stay tuned for updates and potential mitigation strategies as the cybersecurity community grapples with this long-standing vulnerability.

Related Posts:

• New Chrome and Firefox malicious extensions prevent user removal to hijack browsers
• CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks
• Cisco Small Business IP Phones Affected by Critical Vulnerabilities, No Patch!
• Apache CloudStack Releases Critical Patches (CVE-2024-42062 and CVE-2024-42222)