Multiple Subdomain Takeovers: fly.staging.shipt.com, fly.us-west-2.staging.shipt.com, fly.us-east-1.staging.shipt.com
Medium
S
Shipt
Submitted None
Team Summary
Official summary from Shipt
A researcher identified 3 different abandoned subdomain CNAME records that pointed to a 3rd party service (fly.io) that Shipt had recently stopped using. Upon receiving the report, the Shipt information security team responded quickly and resolved the issue by removing the stale DNS records.
Actions:
Reported by
mubassirpatel
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Reliance on Reverse DNS Resolution for a Security-Critical Action