SpaceX debug page accessible when using Starlink

Disclosed by JP_Bennett

  • Engagement: SpaceX/Starlink
  • Disclosed date: almost 3 years ago
  • Reward: $4,800
  • Priority: P2 (Bugcrowd's VRT priority rating)
  • Status: Resolved (this vulnerability has been accepted and fixed)

Summary by SpaceX/Starlink

While standing up new ground infrastructure, we exposed unauthenticated services externally. We appreciate this report that helped us quickly identify and remediate this in a responsible way.

Summary by JP_Bennett

Internal IPs discovered via a simple traceroute had exposed ports when visiting from a Starlink ISP connection. What looked like an information disclosure only was soon confirmed to be more serious due to an exposed gRPC endpoint that was unauthenticated.
