Sensitive Information

Internal IP Address Disclosure On Subdomain Discovered



The "Internal IP Address Disclosure on Subdomain Discovered" alarm indicates that an internal IP address has been unintentionally exposed on a publicly accessible subdomain. Internal IP addresses are private network addresses that should not be publicly disclosed as they can provide attackers with information about your network architecture and potentially facilitate targeted attacks. When this alarm is triggered, it is crucial to take immediate action to remove the exposure and prevent further disclosures.

Address ranges to be used by private networks are:
Class A: to
Class B: to
Class C: to


The exposure of an internal IP address on a publicly accessible subdomain can have several implications:
Network Vulnerability: Attackers can leverage the exposed internal IP address to gather information about your network infrastructure, potentially identifying entry points for unauthorized access and exploitation.
Targeted Attacks: The disclosed internal IP address provides attackers with valuable information for launching targeted attacks, such as network reconnaissance, scanning, or exploitation of vulnerabilities specific to your network setup.


To mitigate the risks associated with internal IP address disclosure on subdomains, consider the following steps:
Audit and Remove Exposures: Regularly scan your domains and subdomains for misconfigurations, vulnerabilities, and unintended exposures. Identify any instances of internal IP address disclosure and promptly remove them from publicly accessible subdomains.
Proper Network Segmentation: Implement network segmentation to isolate internal IP addresses from public-facing systems and ensure that only authorized users or services have access to internal resources.
Use External-Facing IP Addresses: Avoid using internal IP addresses on publicly accessible subdomains. Instead, use external-facing IP addresses or domain names that are not linked to your internal network.
Access Controls and Authentication: Implement strong access controls and user authentication mechanisms to limit access to sensitive information and resources. Regularly review and update user privileges to prevent unauthorized disclosure.
By following these mitigation steps, you can reduce the risk of internal IP address disclosure on subdomains and enhance the security of your network infrastructure.




configuration network

Start Your Free Trial Now!

The 30-day free trial of ThreatMon allows users to explore the product's security benefits. During this trial period, you can test Threat Intelligence data, detect threats to your organization and recommend security measures.

Start Free Trial