Security News > 2024 > March > Hackers exploit Aiohttp bug to find vulnerable networks
The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.
On January 28, 2024, aiohttp released version 3.9.2, addressing CVE-2024-23334, a high-severity path traversal flaw impacting all versions of aiohttp from 3.9.1 and older that allows unauthenticated remote attackers to access files on vulnerable servers.
Cyble's finding, though not definitive, indicates that the threat actors might be carrying out scans targeting servers using a vulnerable version of the aiohttp library.
Regarding the attack surface, Cyble's internet scanner ODIN shows there are roughly 44,170 internet-exposed aiohttp instances around the world.
The version of the internet-exposed instances run cannot be discerned, making it hard to determine the number of vulnerable aiohttp servers.
Hackers exploit critical RCE flaw in Bricks WordPress site builder.
News URL
Related news
- Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware (source)
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware (source)
- Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites (source)
- Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign (source)
- Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-29 | CVE-2024-23334 | Path Traversal vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 7.5 |