InvalidAuth on PUT:/api/v1/primary-transaction

[jaleelsyed]

Title: InvalidAuth Vulnerability on PUT:/api/v1/primary-transaction Project: Netbanking Description: The Invalid-Authentication exploit gives an attacker full access to the vulnerable endpoint without a valid credentials.

Assertion The 'Authentication Exploit' scanning identifies vulnerabilities resulting from either skipping or using cached results for expired or invalid tokens/authorization header values.Risk: InvalidAuth Severity: Critical API Endpoint: http://95.217.118.53:8080/api/v1/primary-transaction Environment: Master Playbook: ApiV1PrimaryTransactionPutAuthInvalid Researcher: Invalid_Auth

QUICK TIPS

Suggestion: Make sure the endpoint is secured as part of the authentication framework. Effort Estimate: 3.0 Hrs Wire Logs:

IMPORTANT LINKS

Vulnerability Details: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/recommendations/402880e87e673b4c017e673dd7340062/details

Project: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/jobs

Environment: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/environments/null/edit

Scan Dashboard: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/jobs/402880e87e66f039017e66f47ad0017f/runs/402880e87e673b4c017e673da99e005c

Playbook: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/template/ApiV1PrimaryTransactionPutAuthInvalid

Coverage: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/configuration

Code Sample: https://cloud.fxlabs.io/#/app/projects/402880e87e66f039017e66f437980000/recommendations/402880e87e673b4c017e673dd7340062/codesamples

PS: Please contact support@apisec.ai for apisec access and login issues.

--- apisec Bot ---