Oligo Security published information about a vulnerability affecting Chrome, Firefox, and Safari. This vulnerability allows users to bypass access restrictions to network services available only on the local system by using the IP address 0.0.0. The first warnings about this vulnerability were published 18 years ago, yet it remains unfixed.
This vulnerability, present only in Linux and MacOS, arises from the fact that the IP address 0.0.0. on these platforms points to a local network interface (Localhost). Sending a request to 0.0.0.0 is similar to a request to the address 127.0.0.1. Modern browsers have measures to prevent access to 127.0.0.1 when interacting with external sites to prevent manipulation of internal services available only to local applications.
This exploit allows bypassing the prohibition on accessing 127.0.0.1 and launching an attack on internal services when opening an external web page in a browser controlled by the attacker. By using 0.0.0.0, Cross-Origin Resource Sharing (CORS) and Private Network Access (PNA) mechanisms cannot prevent such attacks. This vulnerability has been exploited by attackers to target critical vulnerabilities in server applications accessible only by the local system.
