Uber Lets You Send Anyone an Email Claiming to be From uber.com
upstart writes:
Uber lets you send anyone an email claiming to be from Uber.com:
[The] software bug means that pretty much anyone can currently send an email from the Uber.com domain. No, Uber has not intentionally done so. It is, however, choosing to ignore the problem at the moment.
These are the conclusions of multiple security researchers, who blame an exposed endpoint on Uber's servers allowing anyone to use SendGrid, an email marketing and customer communications platform, to send emails on behalf of the taxi ride giant.
The vulnerability is "an HTML injection in one of Uber's email endpoints," security researcher and bug bounty hunter Seif Elsallamy told BleepingComputer. These emails can pass both DKIM and DMARC security checks and land safely in people's inboxes, the report adds.
In a demonstration email, Elsallamy crafted a message warning the user that their account is about to be suspended and that they need to re-submit their payment data. Such emails, which could easily be leveraged to obtain sensitive and payment data from millions of paying Uber customers, would be sent from a legitimate Uber domain. This is just an example of the potency of the flaw. Distributing malware, ransomware, or simple spam are all realistic possibilities.
To fix the issue, Uber needs to "sanitize the users' input in the vulnerable undisclosed form", he explains.
Read more of this story at SoylentNews.
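An added illustration of the bug class the story describes (HTML injection through an unsanitized form field that ends up in a transactional email), written for this page and not Uber's or SendGrid's code: a constructed email template rendered with and without escaping the user-supplied field, plus a pre-send check a defender could run on the rendered body. The template, the field name and the sample value are all hypothetical.

```python
import html
import re

# Constructed (hypothetical) transactional-email template. The only markup the
# template itself emits is <p>...</p>; anything else in the output came from input.
TEMPLATE = "<p>Hi {name},</p><p>Your ride receipt is attached.</p>"

# Tags allowed because the template emits them itself (hypothetical allowlist).
ALLOWED_TAGS = ("p", "br")

# Matches any opening or closing tag whose name is not on the allowlist.
_FOREIGN_TAG_RE = re.compile(
    r"<(?!/?(?:" + "|".join(ALLOWED_TAGS) + r")\b)/?[a-zA-Z][^>]*>"
)


def render_vulnerable(name: str) -> str:
    """The defect: the untrusted field is interpolated straight into HTML,
    so any markup the sender puts in it is rendered by the recipient's client."""
    return TEMPLATE.format(name=name)


def render_hardened(name: str) -> str:
    """The fix the researcher asks for: escape the field before it enters the
    HTML body, so markup in it is displayed as literal text, not rendered."""
    return TEMPLATE.format(name=html.escape(name, quote=True))


def contains_foreign_markup(rendered: str) -> bool:
    """Pre-send check: True if the rendered body carries tags the template did
    not emit, i.e. user input reached the HTML unescaped."""
    return _FOREIGN_TAG_RE.search(rendered) is not None


# Constructed sample value: a 'name' field that smuggles a link into the body.
INJECTED_NAME = 'Alex<a href="https://example.invalid/verify">Verify your account</a>'

if __name__ == "__main__":
    for label, fn in (("vulnerable", render_vulnerable), ("hardened", render_hardened)):
        body = fn(INJECTED_NAME)
        print(f"{label:10} foreign markup: {contains_foreign_markup(body)}")
        print("  ", body)
```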