A
92/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
92/100
MEDIUM 1
Findings (1)
MEDIUM
Internal IP range access
L17 Detects references to private/internal IP ranges in URL context
http://192.168.1.100: FIX
Implement URL allowlisting for all outbound requests. Block requests to private IP ranges (10.x, 172.16-31.x, 192.168.x), localhost, and link-local addresses.
FP?
Likely FP if the match is a localhost URL used for local development (e.g., http://localhost:3000) in setup documentation.