Summary by SpaceX/Starlink
While standing up new ground infrastructure, we exposed unauthenticated services externally. We appreciate this report that helped us quickly identify and remediate this in a responsible way.
While standing up new ground infrastructure, we exposed unauthenticated services externally. We appreciate this report that helped us quickly identify and remediate this in a responsible way.
Internal IPs discovered via a simple Traceroute had exposed ports when visiting from a Starlink ISP connection. What looked like an information disclosure only, was soon confirmed to be more serious due to an exposed GRPC endpoint that was unauthenticated.