Incorrectly Specified Destination in a Communication Channel

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

This vulnerability occurs when an application establishes an outgoing communication channel but fails to correctly define or enforce the intended recipient. This misdirection can allow data to be sent to an untrusted or malicious destination.

Extended Description

Attackers can exploit this flaw in two primary ways. First, if they can directly control the destination specification—such as in Server-Side Request Forgery (SSRF) or by spoofing UDP source addresses—they can redirect traffic to systems they control. This is often used to bypass firewalls, mask the origin of an attack, or launch denial-of-service attacks. Second, the flaw can stem from the application itself incorrectly specifying the target due to misconfiguration, faulty parsing (for example of email addresses or IP addresses), or insecure mechanisms such as Android's sticky broadcasts. This unintentional misdirection can allow a malicious actor to intercept sensitive data meant for a trusted service, effectively spoofing that service.

Demonstrative Examples (1)

ID: DX-113

This code listens on a port for DNS requests and sends the result to the requesting address.

Code Example (Bad, Python):

This code sends a DNS record to a requesting IP address. UDP allows the source IP address to be easily changed ("spoofed"), thus allowing an attacker to redirect responses to a target, which may then be overwhelmed by the network traffic.
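As an added illustration, not code from the CWE entry, the following Python sketch places the responder pattern described above beside a bounded version. Because a UDP source address cannot be trusted as the reply destination, the mitigated handler rate-limits responses per source and never sends more bytes than it received; the request format, the record table and the TRUNCATED marker are constructed assumptions, not real DNS.

```python
from collections import defaultdict, deque

# Constructed record table standing in for the resolver; not a real DNS implementation.
RECORDS = {b"example.test": b"A 192.0.2.10 " * 20,   # deliberately large answer (260 bytes)
           b"small.test": b"A 192.0.2.20"}

def parse_request(datagram):
    """Hypothetical request format: the datagram carries only the name to resolve."""
    return datagram.strip()

def build_response(name, record):
    return name + b"=" + record

def handle_unbounded(datagram, src_ip, records=RECORDS):
    """Weak pattern from the entry: reply to whatever the (spoofable) UDP source says,
    with however many bytes the record happens to contain."""
    name = parse_request(datagram)
    if name not in records:
        return None
    return (src_ip, build_response(name, records[name]))

class ResponseRateLimiter:
    """Per-source sliding window: caps how many responses an unverified address receives."""
    def __init__(self, max_responses, window_seconds):
        self.max_responses = max_responses
        self.window = window_seconds
        self.sent = defaultdict(deque)   # src_ip -> timestamps of responses already sent

    def allow(self, src_ip, now):
        q = self.sent[src_ip]
        while q and now - q[0] >= self.window:   # expire entries outside the window
            q.popleft()
        if len(q) >= self.max_responses:
            return False
        q.append(now)
        return True

def handle_bounded(datagram, src_ip, limiter, now, records=RECORDS, max_amplification=1.0):
    """Same responder, but bounds what an unverified source can be made to receive:
    a per-source rate limit, and no more bytes than the request itself carried.
    Oversized answers become a constant-size TRUNCATED marker (constructed stand-in for
    the DNS TC bit) so a genuine client retries over TCP, where the handshake proves
    that the source address really belongs to the requester."""
    name = parse_request(datagram)
    if name not in records:
        return None
    if not limiter.allow(src_ip, now):
        return None                       # drop silently; any reply would feed the flood
    response = build_response(name, records[name])
    if len(response) > len(datagram) * max_amplification:
        return (src_ip, b"TRUNCATED")
    return (src_ip, response)
```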
Observed Examples (3)

- CVE-2013-5211 (composite): NTP feature generates large responses (high amplification factor) with spoofed UDP source addresses.
- CVE-1999-0513: Classic "Smurf" attack, using spoofed ICMP packets to broadcast addresses.
- CVE-1999-1379: DNS query with spoofed source address causes more traffic to be returned to the spoofed address than was sent by the attacker.
References (2)

- REF-941: US-CERT, "UDP-based Amplification Attacks", 17-01-2014.
- REF-942: Fortify, "Android Bad Practices: Sticky Broadcast".
Applicable Platforms

Languages:
- Not Language-Specific (Prevalence: Undetermined)

Technologies:
- Mobile (Prevalence: Undetermined)

Modes of Introduction

- Architecture and Design
- Implementation