Cloudflare's content delivery network (CDN) was impacted by a vulnerability that attackers could exploit to expose location details through images sent on Discord, Signal, and other messaging apps, reports BleepingComputer.
With Cloudflare conducting media resource caching at the data center closest in proximity to its users, security researcher Daniel found that attackers could conduct an information-disclosure intrusion through the delivery of a unique image hosted on Cloudflare's CDN to a vulnerable app, which would use the Cloudflare Teleport tool to route the requests to certain data centers.
Enumerating various Cloudflare data centers' cached responses for the image enabled the mapping of users' locations and a tracking accuracy of 50 to 300 miles, which could be further improved with Cloudflare's use of anycast routing, according to Daniel.
While Cloudflare has already addressed the Cloudflare Workers vulnerability that allowed location exposure, geo-locating attacks could still be performed via Teleport reprogramming for VPN usage, said Daniel, who was able to connect with nearly 54% of all Cloudflare datacenters with the new technique.