X-HTTP-Method-Override Security Misconfiguration Scanner
This scanner detects the use of the X-HTTP-Method-Override header security misconfiguration in digital assets. It identifies systems that improperly honor this header, which could lead to unexpected behavior and vulnerabilities.
Short Info
Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 12 days 1 hour
Scan only one: URL
Toolbox: -
X-HTTP-Method-Override is a mechanism by which the actual HTTP method of a request can be overridden by naming a different method in a request header. It is common in systems that need to support alternative HTTP methods over restricted networks. However, improper handling of this header can introduce vulnerabilities. The scanner detects such misconfigurations in systems that process the X-HTTP-Method-Override header incorrectly.
The vulnerability lies in the improper handling of the X-HTTP-Method-Override header. Systems that trust this header without validation may inadvertently allow unauthorized HTTP methods, leading to unexpected or insecure behavior.
When scanning for this vulnerability, the scanner compares the responses to otherwise identical requests in which the X-HTTP-Method-Override header is set to different values. A discrepancy between those responses indicates that the system honors the header without proper validation, which could lead to exploitation.
Exploiting this vulnerability could allow attackers to perform actions with unintended HTTP methods. For example, they could bypass restrictions on the allowed HTTP methods, enabling attacks like POSTing data to endpoints where only GET requests are expected.
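The following is an added illustration, not the scanner's own code: a minimal request router that shows the misconfiguration described above (honoring the override header on any request) beside a hardened variant (honoring it only on POST and only into an allowlist), together with the response-comparison check the scanner performs. The endpoint, the allowlist and the request dicts are constructed for the example.

```python
# Added example (not the scanner's code). Requests are plain dicts built inline.

ALLOWED_OVERRIDES = {"PUT", "PATCH", "DELETE"}  # assumption: a typical allowlist


def resolve_vulnerable(request):
    """Misconfiguration: trusts X-HTTP-Method-Override on every request."""
    override = request["headers"].get("X-HTTP-Method-Override")
    return override.upper() if override else request["method"]


def resolve_hardened(request):
    """Honors the override only on POST and only into an allowlisted method,
    so a GET (or any other safe method) can never be turned into a state change."""
    override = request["headers"].get("X-HTTP-Method-Override", "").upper()
    if request["method"] == "POST" and override in ALLOWED_OVERRIDES:
        return override
    return request["method"]


def make_request(method, path, headers=None):
    return {"method": method, "path": path, "headers": headers or {}}


def handle(request, resolve):
    """Constructed endpoint: /items allows GET (list) and DELETE (clear) only."""
    method = resolve(request)
    if request["path"] != "/items":
        return 404, "not found"
    if method == "GET":
        return 200, "items listed"
    if method == "DELETE":
        return 200, "items deleted"
    return 405, "method not allowed"


def honors_override_on_get(resolve):
    """The scanner's check: a GET with and without the override header must
    produce the same response; a discrepancy means the header is honored."""
    baseline = handle(make_request("GET", "/items"), resolve)
    probed = handle(make_request("GET", "/items",
                                 {"X-HTTP-Method-Override": "DELETE"}), resolve)
    return baseline != probed


if __name__ == "__main__":
    print("vulnerable router honors override on GET:", honors_override_on_get(resolve_vulnerable))
    print("hardened router honors override on GET:", honors_override_on_get(resolve_hardened))
```

With the vulnerable resolver a plain GET carrying the header reaches the DELETE handler, which is exactly the discrepancy the scanner flags; the hardened resolver leaves the GET untouched while still allowing a POST to be upgraded to an allowlisted method.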