Host Header Injection

Description

A web server commonly hosts several web applications on the same IP address, distinguishing the applications by virtual host. For an incoming HTTP request, the web server typically selects the target virtual host from the value supplied in the Host header. Without proper validation of that header value, an attacker can supply crafted input to cause the web server to:

- Dispatch the request to the first virtual host on the list.
- Perform a redirect to an attacker-controlled domain.
- Perform web cache poisoning.
- Manipulate password reset functionality (for example, reset links built from the supplied Host value).
- Allow access to virtual hosts that were not intended to be externally accessible.
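The core mitigation is to treat the Host header as untrusted input: normalize it, compare it against a fixed allow-list of hostnames, and never derive absolute URLs (such as password reset links) from it. The following is an added example written for this page, not code from Tenable or from the plugin; the allow-list, canonical base URL, and sample header values are constructed assumptions.

```python
"""
Added example (not part of the Tenable page): defensive Host header
validation for a web application.  ALLOWED_HOSTS, CANONICAL_BASE and the
sample header values are hypothetical, constructed for this example.
"""
import re

# Hypothetical deployment settings (constructed for this example).
ALLOWED_HOSTS = {"app.example.com", "www.example.com"}
CANONICAL_BASE = "https://app.example.com"

# Plain DNS names / IPv4 literals only: letters, digits, dot, hyphen.
_HOST_RE = re.compile(r"^[a-z0-9.-]+$")


def normalize_host(host_header):
    """Return the lowercase host name from a Host header value, or None.

    Strips an optional :port and a trailing dot, and rejects anything that
    is not a plain DNS name (user-info '@', paths, whitespace, a second ':').
    """
    if host_header is None:
        return None
    value = host_header.strip().lower()
    if not value or len(value) > 255:
        return None
    # Bracketed IPv6 literals such as "[::1]:8443" are not accepted here;
    # the allow-list in this example holds DNS names only.
    if value.startswith("["):
        return None
    if ":" in value:
        host, _, port = value.partition(":")
        # A non-numeric "port" (e.g. "443:80") means a malformed value.
        if not port.isdigit():
            return None
        value = host
    value = value.rstrip(".")
    if not _HOST_RE.match(value) or value.startswith(".") or ".." in value:
        return None
    return value


def is_allowed_host(host_header, allowed=ALLOWED_HOSTS):
    """True only if the normalized Host is on the configured allow-list."""
    host = normalize_host(host_header)
    return host is not None and host in allowed


def build_password_reset_link(token, host_header):
    """Build a reset link from the configured base, never from the request.

    Returns None for a disallowed Host so the failure is visible instead of
    silently emitting a link pointing at an attacker-chosen origin.
    """
    if not is_allowed_host(host_header):
        return None
    return f"{CANONICAL_BASE}/reset?token={token}"


def triage_requests(host_values):
    """Classify a list of Host header values as (value, 'ok' | 'reject')."""
    return [(h, "ok" if is_allowed_host(h) else "reject") for h in host_values]


# Constructed sample Host header values, as they might arrive at the app.
SAMPLE_HOSTS = [
    "app.example.com",                        # normal
    "APP.EXAMPLE.COM:443",                    # case and explicit port
    "app.example.com.",                       # trailing dot (FQDN form)
    "attacker.example.net",                   # foreign host
    "app.example.com@attacker.example.net",   # user-info confusion
    "app.example.com:443:80",                 # malformed port
    "",                                       # empty
    None,                                     # header absent
]

if __name__ == "__main__":
    for host, verdict in triage_requests(SAMPLE_HOSTS):
        print(f"{verdict:6} {host!r}")
```

The reset link is always built from `CANONICAL_BASE`; the Host check only decides whether the request is served at all. A framework-level equivalent is the allowed-hosts setting most web frameworks expose, which should be set to the exact names the site is served under rather than a wildcard.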

Products, Sensors, and Dependencies

Product: Tenable Web App Scanning

Dependencies: Web Applications

Access required: Authenticated Scan

Protocol: HTTP/HTTPS

Data Collected: Host Header Injection

Notes: Plugin IDs: 98623

References

Host Header Injection

Attack Path Technique Details

Framework: OWASP

Family: Injection

Sub-Technique: Host Header Injection

Platform: Web Application

Products Required: Tenable Web App Scanning

Tenable Release Date: 2022 Q2