### Credit:
#### Author: duykham
#### Date: 2020-Apr-13
### Affected version:
Firefox 75.0 (64-bit), latest version as of 2020-Apr-13.
Google Chrome v81.0.4044.92 (64-bit), latest version as of 2020-Apr-13.
Platform: Windows 10
(To my knowledge, as of today, 2020/05/31, there is no fix yet; later
versions are most likely affected, too.)
### Title:
User's search term is accidentally sent to ISP without user's consent.
### Category:
DoH, Privacy
### Severity:
High
### Description:
When a user types a search term (e.g. "a-very-sensitive-word") into the
address bar and presses Enter, the quick search feature brings up search
results from a search engine (either Google or DuckDuckGo), which is the
expected behavior.
However, the search term ("a-very-sensitive-word") is also "mistakenly"
sent to one of the (DNS) servers of the user's ISP. The user's privacy is
compromised.
The issue happens even if DoH (DNS over HTTPS) is in place. Even so,
this should not happen under any circumstances, with or without DoH. Any
information users type or search for must not be sent out (especially
More information: blog/firefox/privacy-leakage at master · samduy/blog (github.com)
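
A check for the behaviour described in the report, added here as an example and not part of the original write-up: it parses DNS queries from a capture of outbound traffic and reports any plaintext (port 53) query whose first label equals a term typed into the address bar. The packet tuples, the function names and the `.lan` suffix case are constructed assumptions, as is the premise that the leak shows up as an ordinary DNS query for the typed word.

```python
import struct

def build_query(name, txid=0x1234):
    """Build a minimal DNS A query in RFC 1035 wire format (constructed test input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_qname(msg):
    """Return the lowercased question name of a DNS query, or None if unusable."""
    if len(msg) < 12:
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if flags & 0x8000 or qdcount < 1:  # skip responses and empty questions
        return None
    labels, pos = [], 12
    while pos < len(msg) and msg[pos] != 0:
        n = msg[pos]
        if n & 0xC0 or pos + 1 + n > len(msg):  # pointer or truncated label
            return None
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    if pos >= len(msg) or not labels:  # no terminating zero, or root name only
        return None
    return ".".join(labels).lower()

def find_leaks(packets, typed_terms):
    """Return (resolver_ip, qname) for plaintext DNS queries carrying a typed term."""
    terms = {t.lower() for t in typed_terms}
    hits = []
    for dst_ip, dst_port, payload in packets:
        if dst_port != 53:  # DoH travels over 443 and is not readable on the wire
            continue
        qname = parse_qname(payload)
        if qname and qname.split(".")[0] in terms:
            hits.append((dst_ip, qname))
    return hits

# Constructed capture: (destination IP, destination port, UDP/TCP payload).
SAMPLE = [
    ("192.0.2.53", 53, build_query("a-very-sensitive-word")),      # bare term
    ("192.0.2.53", 53, build_query("www.example.com")),            # normal lookup
    ("192.0.2.53", 53, build_query("A-Very-Sensitive-Word.lan")),  # term plus suffix
    ("192.0.2.53", 53, b"\x00\x01"),                               # malformed
    ("192.0.2.10", 443, b"\x16\x03\x01\x02\x00"),                  # stand-in TLS bytes
]

if __name__ == "__main__":
    for ip, name in find_leaks(SAMPLE, ["a-very-sensitive-word"]):
        print(f"plaintext DNS query to {ip}: {name}")
```

To use it on real traffic, feed it the destination address, port and payload of each outbound packet recorded while typing a known marker word into the address bar with DoH enabled.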