info Private IP Disclosure
Details
| Severity | info |
|---|---|
| Status | Open |
| Engine | zap |
| Target URL | https://easm.liifecore.com/assets |
| First Seen | 2026-07-14 03:00:20 UTC |
| Last Seen | 2026-07-14 03:00:20 UTC |
| CWE | CWE-497 |
Description
A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.
Evidence
10.64.4.29
Raw Output
{
"alert": "Private IP Disclosure",
"alertRef": "2",
"attack": "",
"confidence": "Medium",
"cweid": "497",
"description": "A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.",
"evidence": "10.64.4.29",
"id": "43",
"inputVector": "",
"messageId": "34",
"method": "GET",
"name": "Private IP Disclosure",
"other": "10.64.4.29\n10.64.4.216\n10.64.4.87\n10.64.4.84\n10.64.4.195\n10.64.1.104\n10.64.5.78\n",
"param": "",
"pluginId": "2",
"reference": "https://datatracker.ietf.org/doc/html/rfc1918",
"risk": "Low",
"solution": "Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.",
"sourceMessageId": 34,
"sourceid": "3",
"tags": {
"CWE-497": "https://cwe.mitre.org/data/definitions/497.html",
"OWASP_2017_A03": "https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure.html",
"OWASP_2021_A01": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/",
"POLICY_PENTEST": "",
"POLICY_QA_STD": ""
},
"url": "https://easm.liifecore.com/assets",
"wascid": "13"
}