VDB
AZL-43552
AZL-43552
PUBLISHED
CVSS 7.5 HIGH
CVE-2024-23334 affecting package python-aiohttp 3.6.2-3
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Azure Linux:2 | python-aiohttp | 0 |
Exploit Intelligence
- Bash script to automate Local File Inclusion (LFI) attacks on aiohttp server version 3.9.1. (github-poc-repo)
- Sn0wBaall/CVE-2024-23334-PoC (github-poc-repo)
- Sn0wBaall/CVE-2024-23334-PoC (github-poc)
- A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1 (github-poc)
- This repository is a proof of concept (POC) for CVE-2024-23334, demonstrating an attempt to replicate the bug in aiohttp that leads to Local File Inclusion (LFI). (github-poc)
- Bash script to automate Local File Inclusion (LFI) attacks on aiohttp server version 3.9.1. (github-poc)
- Proof of concept of the parh traversal in python AioHTTP library =< 3.9.1 (github-poc)
- 0xR00/CVE-2024-23334 (github-poc)
- Proof-of-Concept for LFI/Path Traversal vulnerability in Aiohttp =< 3.9.1 (github-poc)
- A proof of concept of the LFI vulnerability on aiohttp 3.9.1 (github-poc)
…and 10 more exploits
Timeline
- Jan 29, 2024 CVE Published
- Apr 21, 2026 CVE Updated