A Security researcher Henry Hoggard has discovered a cross site request forgery(CSRF) vulnerability in the Namecheap website that could lead attackers to hijack the DNS records.
An attacker could have exploited this vulnerability and redirect the websites to fake website. The attacker could also have managed to display defacement message.
In his blog post, the researcher said the vulnerability could allowed hackers to redirect MX records and intercept email.
In an email sent to ThreatPost, the researcher said "This would have impacted all customers, which I’m sure is a lot of high profile websites, as Namecheap is one of the most popular domain registrars"
Henry informed namecheap about the bug in June 2013. However, they took several months to fix the vulnerability(23th December), finally implemented the CSRF token.
Source: ThreatPost
An attacker could have exploited this vulnerability and redirect the websites to fake website. The attacker could also have managed to display defacement message.
In his blog post, the researcher said the vulnerability could allowed hackers to redirect MX records and intercept email.
Screenshot of POC code |
In an email sent to ThreatPost, the researcher said "This would have impacted all customers, which I’m sure is a lot of high profile websites, as Namecheap is one of the most popular domain registrars"
Henry informed namecheap about the bug in June 2013. However, they took several months to fix the vulnerability(23th December), finally implemented the CSRF token.
Source: ThreatPost