Multiple Intel Vulnerabilities-Adesh Kolte

Adesh Kolte
Nov 5, 2017 · 1 min read

Hello Guyzz

I am Adesh Nandkishor Kolte (An Independent Cyber Security Resercher From India)

First Vulnerability:

Vulnerability Type: Open Redirection

Vulnerable URL:

https://communities.intel.com/terms-and-conditions!input.jspa?url=http://evilsite.com

https://<private>.intel.com/external-link.jspa?url=http://evilsite.com

Summary: An open redirect is an application that takes a parameter and redirects a user to the parameter value without any validation. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.

In the URL described above the parameter url= is vulnerable to open redirect. An attacker is able to provide a custom URL where the victim will be redirected. An attacker can impersonate his malicious URL as Intel’s

Second Vulnerability:

Vulnerabiltiy Type:Directory Listing

Vulnerable Url:

For Reporting This Vulnerabilities Intel Gave Certificate Of Appreciation

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store