Werkzeug Debugger Exposure
The Werkzeug debugger is a useful interactive tool for introspecting running Python web applications. Because the debugger allows the execution of arbitrary code, it must never be used on production machines.
Attackers who can access the debugger can execute arbitrary code in the context of the web application.
Solution
Ensure that the debugger is turned off in production environments.
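One way to enforce this before deployment, as an added example that is not part of the original advisory: a static check that flags code which can enable the Werkzeug debugger. It assumes the application is started through Flask's `app.run`, Werkzeug's `run_simple`, or wrapped in `DebuggedApplication`; the function name `find_debugger_enablement` and the sample source are constructed for illustration.

```python
import ast

# Keyword arguments that switch the Werkzeug debugger on when truthy:
# Flask's app.run(debug=...) and werkzeug.serving.run_simple(use_debugger=...).
DEBUG_KWARGS = {"debug", "use_debugger"}


def find_debugger_enablement(source, filename="<source>"):
    """Return sorted (line, reason) findings for code that can enable the debugger."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not isinstance(node, ast.Call):
            continue
        # Trailing name of the call target, e.g. "run" for app.run(...).
        name = getattr(node.func, "attr", None) or getattr(node.func, "id", "")
        if name == "DebuggedApplication":
            findings.append((node.lineno, "app wrapped in DebuggedApplication"))
        if name not in {"run", "run_simple"}:
            continue
        for kw in node.keywords:
            if kw.arg not in DEBUG_KWARGS:
                continue
            if isinstance(kw.value, ast.Constant):
                # A literal False/None/0 is safe; any truthy literal is a finding.
                if kw.value.value:
                    findings.append((node.lineno, f"{name}({kw.arg}=True)"))
            else:
                # Value decided at runtime (env var, config object): a human
                # must confirm it can never be truthy in production.
                findings.append(
                    (node.lineno, f"{name}({kw.arg}=<non-constant>) needs review"))
    return sorted(findings)


# Constructed sample input (only parsed, never executed).
SAMPLE = '''\
app = Flask(__name__)
wrapped = DebuggedApplication(app, evalex=True)
app.run(debug=True)
run_simple("localhost", 5000, app, use_debugger=False)
app.run(debug=os.environ.get("DEBUG"))
'''

if __name__ == "__main__":
    for line, reason in find_debugger_enablement(SAMPLE):
        print(f"line {line}: {reason}")
```

A static check of this kind does not see the debugger being enabled through environment variables or deployment configuration, so those settings need a separate review.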