Symfony Enabled Debug Mode Scanner

The remote Symfony installations appears to have left the 'debug' interface enabled, allowing the disclosure and possible execution of arbitrary code. Information disclosed from this page can be used to gain additional information about the target system.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

5 sec

Scan only one

Url

Parent Category

Symfony Enabled Debug Mode Scanner Detail

One of the main features of debug mode is the display of detailed error pages. If your app raises an exception when debug is True, Symfony will display a detailed traceback, including a lot of metadata about your environment, such as all the currently defined Symfony settings. If an attacker can successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in formulating targeted attacks against the system.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product