IP spoofing bug leaves Django REST applications open to DDoS, password-cracking attacks


An IP spoofing vulnerability in Django REST allowed attackers to circumvent the framework’s throttling feature, which is supposed to protect applications against mass requests.

Django REST is a popular toolkit for developing web APIs and is used by Mozilla, Red Hat, and Heroku, among others. Its throttling feature controls the rate at which a client can make requests to the API. This feature is meant to protect applications against bot activity, denial-of-service attacks, and malicious activities such as brute-force attempts on login pages, one-time passwords, and password reset pages.

Django REST uses IP addresses to identify clients and apply the throttling request limits. However, according to security researcher Hosein Vita, clients can trick the server and mask their IP address by changing their request headers.
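The following is an added example, not code from the article or from the Django REST project: a standalone model of a per-client request limit, showing how the limit stops applying when the client key comes from a client-controlled header and how it holds when the key is the address appended by the operator's own proxy. The header name (`X-Forwarded-For`), the single trusted reverse proxy, the function names, the limit and all addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

LIMIT = 5  # constructed: requests allowed per client per window


def naive_ident(meta):
    """Client key taken from the forwarding header as sent (client-controlled)."""
    xff = meta.get("HTTP_X_FORWARDED_FOR")
    return "".join(xff.split()) if xff else meta["REMOTE_ADDR"]


def trusted_ident(meta, num_proxies=1):
    """Client key taken from the entry our own proxy appended (count from the right)."""
    xff = meta.get("HTTP_X_FORWARDED_FOR")
    if num_proxies == 0 or not xff:
        return meta["REMOTE_ADDR"]
    addrs = [a.strip() for a in xff.split(",")]
    return addrs[-min(num_proxies, len(addrs))]


def allowed_count(requests, ident):
    """Count how many requests pass a fixed-window limit keyed by ident()."""
    seen = defaultdict(int)
    passed = 0
    for meta in requests:
        key = ident(meta)
        seen[key] += 1
        if seen[key] <= LIMIT:
            passed += 1
    return passed


def sample_requests(n=20):
    """Constructed input: one client (203.0.113.7) behind one reverse proxy (10.0.0.1).
    The left-most header value varies per request; the proxy appends the peer it saw."""
    return [
        {"REMOTE_ADDR": "10.0.0.1",
         "HTTP_X_FORWARDED_FOR": f"198.51.100.{i}, 203.0.113.7"}
        for i in range(n)
    ]


if __name__ == "__main__":
    reqs = sample_requests()
    print("header-keyed limit lets through:", allowed_count(reqs, naive_ident))
    print("proxy-keyed limit lets through: ", allowed_count(reqs, trusted_ident))
```

The second key is only sound when every request reaches the application through the trusted proxy and the proxy count matches the real deployment.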

Read More: https://portswigger.net/daily-swig/ip-spoofing-bug-leaves-django-rest-applications-open-to-ddos-password-cracking-attacks?&web_view=true
