Asp.Net Version disclosure

Description

At the time of sending the request, the server displays the Asp.Net Version being used. Other details about the technology of the server could be exposed as well.

An attacker could exploit known vulnerabilities of the same version if it was not updated.

Recommendation

To prevent this vulnerability from happening, remove the header that displays the version or display a generic message.
Apply the following changes to the web.config file to prevent ASP.NET version disclosure.

References

https://cwe.mitre.org/data/definitions/200.html

< Return to all Vulnerabilities

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »