Pypi · Exotel · CVE-2022-38792
**Name of the Vulnerable Software and Affected Versions**
exotel (aka exotel-py) version 0.1.6
**Description**
The exotel package in PyPI includes a code execution backdoor inserted by a third party. This backdoor allows for code execution, posing a significant security risk. Users should be aware of this issue to take appropriate mitigation measures.
**Recommendations**
For version 0.1.6, downgrade to version 0.1.5 to avoid the problem.