Web service vulnerabilities expose APIs, communication protocols, and data to exploitation.

These vulnerabilities highlight risks in web service design, data handling, and protocol implementation.

WS Information Gathering

Metadata exposure: WSDL files or API documentation leak internal endpoints, methods, or authentication details. 

Service enumeration: Attackers identify exposed services (e.g., SOAP/REST) through port scanning or DNS queries. 

WSDL Weakness

Insecure bindings: SOAP endpoints configured over HTTP (no encryption) allow eavesdropping. 

Sensitive data disclosure: WSDL files reveal backend systems, parameter types, or deprecated methods. 

Weak XML Structure 

Malformed XML payloads: Invalid tags, oversized elements, or schema violations crash parsers (DoS). 

Schema poisoning: Manipulating XML schemas to bypass validation checks. 

XML Content-Level Vulnerabilities 

XXE (XML External Entity): Malicious entities enable file retrieval, SSRF, or internal network access. 

Data injection: Tampering with XML values (e.g., `admin`) to escalate privileges or bypass logic. 
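
A defensive screening step for the XML structure and content issues listed above, written as an added example (not code from the original page). It refuses oversized, malformed, deeply nested, and DTD-bearing payloads before they reach application logic; the helper name `screen_xml`, the two limits, and the sample payloads are assumptions made for illustration.

```python
import xml.parsers.expat

MAX_BYTES = 64 * 1024  # assumed ceiling for one request body
MAX_DEPTH = 32         # assumed ceiling for element nesting


class _Reject(Exception):
    """Internal signal used to abort parsing from inside an expat handler."""


def screen_xml(payload: bytes) -> str:
    """Return "ok" or the reason the payload is refused (hypothetical helper)."""
    if len(payload) > MAX_BYTES:
        return "oversized"          # checked before any parsing work is done
    depth = 0

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # No DTD means no entity declarations: closes off XXE and entity expansion.
        raise _Reject("doctype")

    def on_start(name, attrs):
        nonlocal depth
        depth += 1
        if depth > MAX_DEPTH:
            raise _Reject("too-deep")

    def on_end(name):
        nonlocal depth
        depth -= 1

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    try:
        parser.Parse(payload, True)
    except _Reject as why:
        return str(why)
    except xml.parsers.expat.ExpatError:
        return "malformed"
    return "ok"


# Constructed sample payloads, not captured traffic.
SAMPLES = {
    "plain": b"<Envelope><Body><getUser><id>7</id></getUser></Body></Envelope>",
    "dtd": b'<!DOCTYPE r [<!ENTITY x "y">]><r>&x;</r>',
    "broken": b"<a><b></a>",
    "nested": b"<a>" * 40 + b"</a>" * 40,
    "huge": b"<a>" + b"x" * MAX_BYTES + b"</a>",
}
```

Schema validation and authorization checks on element values still have to run after this gate; it only removes the parser-level failure modes.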

WS HTTP GET Parameters/REST 

Sensitive data in URLs: GET requests expose credentials, tokens, or PII in logs or browser history. 

Insecure REST endpoints: Unauthenticated access to resources (e.g., `/api/users`) or excessive data exposure. 

WS Naughty SOAP Attachments 

Malware delivery: Attachments containing malicious scripts or executables. 

Resource exhaustion: Oversized files (e.g., 10 GB payloads) overwhelm server memory/disk space.

WS Replay Attacks

Request reuse: Captured authenticated SOAP/REST requests are replayed to impersonate users. 

Session hijacking: Valid tokens or cookies reused to bypass authentication.