Vulnerability Database

Web Config Exposure

The web.config file is used by the Web Application Deployment tool (Web Deployment Tool) to package and deploy applications. This file contains the configuration for all the pages on the site. Thus it can reveal important information such as paths, regular expression filters and more.

Attackers can retrieve sensitive information about how the application is deployed and used.

Solution

Ensure that web.config is not publicly accessible.

Suite

Free
  • Suitable For Non-commercial Use
  • Limited Features
  • Cloud Storage

Suite Pro

$9500person/month
  • Suitable For Commercial Use
  • Unlimited Features
  • Cloud Storage

Ultimate

Enterprise
  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration
  • Single Tenant
  • Dedicated Support
  • Custom Integrations
  • Annual or Monthly, Fixed-cost Billing