A significant security loophole has been exploited in major browsers, including Safari, Google Chrome, and Firefox. This vulnerability, present for nearly two decades, allows hackers to infiltrate private networks, even those protected by firewalls.
The issue stems from how these browsers process queries to a 0.0.0.0 IP address. These queries are redirected to other IP addresses, including “localhost,” a server typically used for testing code in a private setting. Israeli cybersecurity startup Oligo discovered that hackers have been exploiting this vulnerability to gain access to private data.
The attack, known as a “0.0.0.0-day” attack, involves luring the target into visiting a seemingly innocuous website that sends a malicious request to access files via 0.0.0.0. Developer code and internal messaging are examples of information that can be accessed right away.
Exploiting this vulnerability can also allow attackers to access the internal private network of the victim, opening up various attack vectors. Apple has confirmed plans to block all attempts by websites to access 0.0.0.0 in the macOS 15 Sequoia beta. Google’s Chromium and Chrome security teams are considering a similar move.
Mozilla has not yet introduced a solution in Firefox, citing concerns that blocking 0.0.0.0 could disrupt servers that use the address as a substitute for localhost. Microsoft Corp.’s Windows systems are immune to this attack as the tech giant has blocked 0.0.0.0 on its operating system.
Source: https://www.benzinga.com/news/24/08/40244247/popular-browsers-chrome-safari-and-firefox-fall-prey-to-major-18-year-old-security-hole-that-allows