Security News > 2017 > February > Java, Python FTP Injection Attacks Bypass Firewalls (Threatpost)

Java, Python FTP Injection Attacks Bypass Firewalls (Threatpost)

2017-02-23 14:19

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.

News URL

http://threatpost.com/java-python-ftp-injection-attacks-bypass-firewalls/123858/

#attack #bypass #firewall #FTP #java #python #threatpost

Related news

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
EDRSilencer red team tool used in attacks to bypass security (source)
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) (source)
Palo Alto Networks patches two firewall zero-days used in attacks (source)
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Python		24	2	52	74	31	159

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.