Home / Vulnerability Database / C-sharp : Undocumented feature: network activity

C-sharp : Undocumented feature: network activity

Classification

OWASP ASVS

Malicious Code

PCI DSS 4.0

2.2.4

CWE

CWE-506 CWE-510

Overview

The application initiates a connection with the hardcoded external server. If the address is not in the white list, this may indicate undocumented network activity.

Undocumented network activity may lead to a sensitive data exposure. Sensitive Data Exposure takes the third place in the OWASP Top 10 2017 web application vulnerabilities ranking.

References

Backdoor (computing) - Wikipedia
The Art of the Backdoor
PHP Backdoor Obfuscation Techniques - vexatioustendencies.com
CWE-506: Embedded Malicious Code

LOW

C-sharp : Undocumented feature: network activity

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C-sharp : Undocumented feature: network activity in your application?

See also

C-sharp : JWT: None Algorithm

C-sharp : Insecure data transmission: Database

C-sharp : Only one of method Equals() and GetHashCode() defined