“Web scraping considered dangerous”: Exploiting the telnet service in scrapy < 1.5.2
Remote Code Execution (RCE)
SSRF->Telnet->RCE chain in Scrapy, found by @alertot
https://medium.com/alertot/web-scraping-considered-dangerous-exploiting-the-telnet-service-in-scrapy-1-5-2-ad5260fea0db