RCE Attacks Against Thousands Of Apache Superset Servers

At its default settings, Apache Superset is vulnerable to authentication bypass and remote code execution, allowing attackers to read and alter data, gather passwords, and issue commands. Apache Superset is a top-level project of the Apache Software Foundation since 2021. It was initially created for Airbnb as an open-source data visualization and exploration tool. Apache […]

airbnb apache apache software foundation apache superset attackers attacks authentication authentication bypass bypass code code execution data data visualization default default settings foundation identity and access management (iam) issue malware and vulnerabilities news & analysis passwords project rce remote code remote code execution servers settings software source data superset tool visualization vulnerable