Subdomain Takeover Via Insecure CloudFront Distribution cdn.grab.com

Program: Grab
Bug Type: Subdomain takeover
Bounty: 1000
Date: 2018-05-16
subdomain-takeover

Summary

The researcher found a subdomain takeover vulnerability in cdn.grab.com, which had a dangling CNAME pointing to a CloudFront instance. The subdomain was not registered on Amazon AWS CloudFront. The researcher was able to successfully take over the domain by registering a CloudFront subdomain.
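A defender can catch this condition before it is reported by comparing the zone's CNAME records with the organization's own CloudFront inventory. The following is an added example, not code from the report or from Grab. The hostnames, distribution domains and the dictionary layout are constructed, and treating a leading `*.` alias as covering any subdomain is a simplifying assumption.

```python
# Added example: audit a DNS zone export against our own CloudFront inventory.
# All hostnames and distribution domains below are constructed sample values.
CLOUDFRONT_SUFFIX = ".cloudfront.net"

def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def alias_covers(alias, host):
    """True if a distribution's alternate domain name covers the hostname.
    Assumption: a leading '*.' alias covers any subdomain of the suffix."""
    alias = normalize(alias)
    if alias.startswith("*."):
        return host.endswith(alias[1:])
    return alias == host

def find_dangling(cname_records, distributions):
    """Return (hostname, target, reason) for each CNAME aimed at CloudFront
    that no distribution in our inventory claims."""
    by_domain = {normalize(d["domain"]): d for d in distributions}
    findings = []
    for host, target in cname_records:
        host, target = normalize(host), normalize(target)
        if not target.endswith(CLOUDFRONT_SUFFIX):
            continue  # not a CloudFront CNAME, out of scope for this check
        dist = by_domain.get(target)
        if dist is None:
            reason = "target distribution not in our inventory"
        elif not any(alias_covers(a, host) for a in dist["aliases"]):
            reason = "hostname is not an alternate domain name on the target"
        else:
            continue  # claimed by one of our distributions
        findings.append((host, target, reason))
    return findings

# Constructed zone export: (record name, CNAME target)
ZONE = [
    ("cdn.example.com.", "d111111abcdef8.cloudfront.net."),
    ("static.example.com.", "d222222abcdef8.cloudfront.net."),
    ("img.example.com.", "D333333abcdef8.cloudfront.net."),
    ("www.example.com.", "lb.example.net."),
]
# Constructed inventory: distribution domain name and its alternate domain names
DISTRIBUTIONS = [
    {"domain": "d222222abcdef8.cloudfront.net", "aliases": ["static.example.com"]},
    {"domain": "d333333abcdef8.cloudfront.net", "aliases": ["assets.example.com"]},
]

if __name__ == "__main__":
    for host, target, reason in find_dangling(ZONE, DISTRIBUTIONS):
        print(f"DANGLING {host} -> {target}: {reason}")
```

Any hostname this flags should either be added as an alternate domain name on a distribution the organization controls or have its CNAME record deleted.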

References