Security News > 2024 > March > Hackers exploit Aiohttp bug to find vulnerable networks

Hackers exploit Aiohttp bug to find vulnerable networks
2024-03-16 14:17

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.

On January 28, 2024, aiohttp released version 3.9.2, addressing CVE-2024-23334, a high-severity path traversal flaw impacting all versions of aiohttp from 3.9.1 and older that allows unauthenticated remote attackers to access files on vulnerable servers.

Cyble's finding, though not definitive, indicates that the threat actors might be carrying out scans targeting servers using a vulnerable version of the aiohttp library.

Regarding the attack surface, Cyble's internet scanner ODIN shows there are roughly 44,170 internet-exposed aiohttp instances around the world.

The version of the internet-exposed instances run cannot be discerned, making it hard to determine the number of vulnerable aiohttp servers.

Hackers exploit critical RCE flaw in Bricks WordPress site builder.


News URL

https://www.bleepingcomputer.com/news/security/hackers-exploit-aiohttp-bug-to-find-vulnerable-networks/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2024-23334 Path Traversal vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp fedoraproject CWE-22
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Aiohttp 1 0 6 3 0 9