Backdoor Code Execution Vulnerability in DR-Web-Engine Package

Backdoor Code Execution Vulnerability in DR-Web-Engine Package

CVE-2022-34053 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more about our Web App Pen Testing.