logo

Port 50051 – gRPC Default Port

Service:

gRPC ,
custom microservices

Protocol:

TCP

Port:

50051

Used for:

Remote communication between services (protobuf over HTTP/2)

Why It’s Open

gRPC is widely used in modern microservice architectures for fast, type-safe communication. Developers often use 50051 as the default server port.

Common Risks

  • Unauthenticated APIs: Default deployments may expose sensitive endpoints.
  • Information Disclosure: Debug or reflection APIs may be exposed.
  • No Encryption by Default: Unless explicitly configured.

Want to save time on reporting?

Let PentestPad generate, track, and export your reports - automatically.

logo-cta

Enumeration & Testing

Check for exposed gRPC services:

Terminal window
grpcurl :50051 list

Describe and call methods (example):

Terminal window
grpcurl -plaintext :50051 describe
grpcurl -d '{}' :50051 my.Service/MyMethod

Known Exploits

gRPC itself is a framework and has fewer CVEs - but developers often expose insecure services over it.

  1. CVE-2021-3121 A vulnerability in the Go protobuf library used by gRPC could lead to improper handling of messages, potentially causing a denial of service.

🔗 NVD Entry

🔗 GitHub Advisory

  1. CVE-2020-7768 A vulnerability in the grpc-node library allows attackers to cause a denial of service via a crafted request.

🔗 NVD Entry

🔗 GitHub Advisory

  1. CVE-2019-1003083 Jenkins plugin using gRPC API exposed sensitive data

Tools & Tactics

  • Check for TLS: use openssl s_client -connect <target-ip>:50051
  • Inspect reflection service (grpc.reflection.v1alpha.ServerReflection)
  • If protobuf files are available, generate stubs and test calls manually

What to Look For

CheckpointWhat it means
Reflection enabledMay expose all available RPC methods
No TLSTraffic sniffing risk
No AuthFull access to service functions

Mitigation

  • Use mTLS and authentication.
  • Disable reflection in production.
  • Monitor and document available RPC endpoints.

Real-World Example

IgRPC misconfigurations have led to full read/write access to internal service logic, especially in fast-deployed Kubernetes microservices.

TL;DR

  • Service: gRPC Services (Custom APIs)
  • Default Port: 50051/TCP
  • Risks: Exposed internal APIs, unauthenticated access, injection, logic flaws
  • Mitigation: Use mTLS, enforce authZ/authN, disable reflection in production, API gateway monitoring