all InfoSec news
ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data
Cyber Security News cybersecuritynews.com
A directory traversal vulnerability (CVE-2024-23334) was identified in aiohttp versions before 3.9.2. This vulnerability allows remote attackers to access sensitive files on the server because aiohttp doesn’t validate file reading within the root directory when ‘follow_symlinks’ is enabled. Aiohttp is a popular asynchronous HTTP framework used in over 43,000 internet-exposed instances, making them prime targets […]
The post ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data appeared first on Cyber Security News.
access aiohttp vulnerability asynchronous attackers cve cve-2024 cve-2024-23334 cyber security cybersecurity data data breach directory directory traversal exploit exposed file files framework hackers hackers exploit http internet popular root sensitive sensitive data server steal vulnerability