aio-libs News Articles

Recent news articles refferecing the vendors vulnerabilities.

favicon imageGBHackers

ShadowSyndicate Hackers Exploiting Aiohttp Vulnerability

A new Aiohttp vulnerability has been discovered which is found to be exploited by the threat actor named "ShadowSyndicate".

favicon imageCN-SEC

aiohttp路径遍历漏洞 | CVE-2024-23334

本文所提供的信息只为网络安全人员对自己所负责的网站、服务器等(包括但不限于)进行检测或维护参考,未经授权请勿利用文章中的技术资料对任何计算机系统进行入侵操作。利用此文所提供的信息而造成的直接或间接后果和损失,均由使用者本人负责。

favicon imagesecurityonline.info

News Archives

ShadowSyndicate Ransomware Gang Targets aiohttp CVE-2024-23334 Flaw: Patch Now!A recently patched vulnerability in the popular Python web framework aiohttp has swiftly landed on the radar of notorious...

favicon imageHacking8 安全信息流

GitHub - z3rObyte/CVE-2024-23334-PoC: A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1

A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1 - z3rObyte/CVE-2024-23334-PoC

favicon imageSecurityWeek

Aiohttp Vulnerability in Attacker Crosshairs

A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.

favicon imageNetManageIT

Hackers exploit Aiohttp bug to find vulnerable networks

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.

favicon imageBeeping Computers

Hackers exploit Aiohttp bug to find vulnerable networks

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.

favicon imageCyble

CGSI Probes: ShadowSyndicate Group’s Possible Exploitation of Aiohttp Vulnerability (CVE-2024-23334) 

CGSI captures potential exploitation of an Aiohttp vulnerability by the ShadowSyndicate Group.

favicon image威武网安

CVE-2024-23334:Aiohttp目录遍历漏洞

漏洞描述 aiohttp是一个开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。当使用 aiohttp 作为Web服务器并设置静态路由时,若 follow_symlinks 选项设为True,则不会验证指定文件路径是否位于根目录内。攻击者可以通过构造恶意的请求,访问服务器任意文件。 漏

favicon imageVicarius

CVE-2024-23334 - vsociety

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessar...

favicon imagePentest-Tools.com

aiohttp - Directory Traversal (CVE-2024-23334)

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.

No more news articles to load.