Vulnerability: Insecure HTTP Downloads in ipip-coffee

Vulnerability: Insecure HTTP Downloads in ipip-coffee

CVE-2016-10673 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application.

Learn more about our Web Application Penetration Testing UK.