Hackers exploit Aiohttp bug to find vulnerable networks

2024-03-16 14:17

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.

On January 28, 2024, aiohttp released version 3.9.2, addressing CVE-2024-23334, a high-severity path traversal flaw impacting all versions of aiohttp from 3.9.1 and older that allows unauthenticated remote attackers to access files on vulnerable servers.

Cyble's finding, though not definitive, indicates that the threat actors might be carrying out scans targeting servers using a vulnerable version of the aiohttp library.

Regarding the attack surface, Cyble's internet scanner ODIN shows there are roughly 44,170 internet-exposed aiohttp instances around the world.

The version of the internet-exposed instances run cannot be discerned, making it hard to determine the number of vulnerable aiohttp servers.

Hackers exploit critical RCE flaw in Bricks WordPress site builder.

News URL

https://www.bleepingcomputer.com/news/security/hackers-exploit-aiohttp-bug-to-find-vulnerable-networks/

#exploit #hacker #CVE-2024-23334

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-29	CVE-2024-23334	aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. network low complexity aiohttp fedoraproject	7.5

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Aiohttp		1	0	6	3	0	9

News URL

Related news

Related Vulnerability

Related vendor