支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:640

64.0%
立即捐款
一、 漏洞 CVE-2023-38646 基础信息
漏洞信息
                                        # N/A

## 概述
Metabase的开源版本和企业版存在一个漏洞,允许攻击者在服务器上执行任意命令,并以服务器的权限级别运行。该漏洞无需认证即可被利用。

## 影响版本
- 开源版本:0.46.6.1之前的所有版本
- 企业版:1.46.6.1之前的所有版本

其他修复版本包括:
- 0.45.4.1
- 1.45.4.1
- 0.44.7.1
- 1.44.7.1
- 0.43.7.2
- 1.43.7.2

## 细节
攻击者可以在未授权的情况下在目标服务器上执行任意命令,这些命令将以服务器的权限级别执行。

## 影响
该漏洞允许攻击者完全控制服务器,可能导致数据泄露、破坏、篡改或其他恶意活动。
神龙判断

是否为 Web 类漏洞:

判断理由:

是。这个漏洞允许攻击者在服务器上以服务器的权限级别执行任意命令,且利用此漏洞不需要进行身份验证。这表明该漏洞存在于Web服务的服务端,影响了Metabase的多个版本。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Metabase 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Metabase是美国Metabase公司的一个开源数据分析平台。 Metabase 0.46.6.1之前版本和Metabase Enterprise 1.46.6.1之前版本存在安全漏洞,该漏洞源于允许攻击者以运行该服务的权限在服务器上执行任意命令。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2023-38646 的公开POC
#POC 描述源链接神龙链接
1Nonehttps://github.com/adriyansyah-mf/CVE-2023-38646--Metabase-POC详情
2For educational purposes onlyhttps://github.com/Pumpkin-Garden/POC_Metabase_CVE-2023-38646POC详情
3Metabase Pre-auth RCE (CVE-2023-38646)!!https://github.com/0xrobiul/CVE-2023-38646POC详情
4Remote Code Execution on Metabase CVE-2023-38646https://github.com/Chocapikk/CVE-2023-38646POC详情
5Nonehttps://github.com/Xuxfff/CVE-2023-38646-PocPOC详情
6POC for CVE-2023-38646https://github.com/securezeron/CVE-2023-38646POC详情
7Tools to exploit metabase CVE-2023-38646https://github.com/lazysec0x21/CVE-2023-38646POC详情
8Proof of Concept for CVE-2023-38646https://github.com/Zenmovie/CVE-2023-38646POC详情
9Metabase Pre-auth RCEhttps://github.com/shamo0/CVE-2023-38646-PoCPOC详情
10CVE-2023-38646-POChttps://github.com/fidjiw/CVE-2023-38646-POCPOC详情
11Nonehttps://github.com/Any3ite/cve-2023-38646-metabase-ReverseShellPOC详情
12Automatic Tools For Metabase Exploit Known As CVE-2023-38646https://github.com/robotmikhro/CVE-2023-38646POC详情
13Metabase Pre-auth RCE (CVE-2023-38646)https://github.com/kh4sh3i/CVE-2023-38646POC详情
14CVE-2023-38646 (Pre-Auth RCE in Metabase)https://github.com/joaoviictorti/CVE-2023-38646POC详情
15Nonehttps://github.com/yxl2001/CVE-2023-38646POC详情
16CVE-2023-38646 Pre-Auth RCE in Metabasehttps://github.com/alexandre-pecorilla/CVE-2023-38646POC详情
17Metabase H2 远程代码执行漏洞(CVE-2023-38646)https://github.com/CN016/Metabase-H2-CVE-2023-38646-POC详情
18CVE-2023-38646 Metabase RCEhttps://github.com/Boogipop/MetabaseRceToolsPOC详情
19CVE-2023-38646 Metabase 0.46.6 exploithttps://github.com/SUT0L/CVE-2023-38646POC详情
20CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase https://github.com/nickswink/CVE-2023-38646POC详情
21Nonehttps://github.com/passwa11/CVE-2023-38646POC详情
22Nonehttps://github.com/threatHNTR/CVE-2023-38646POC详情
23Nonehttps://github.com/asepsaepdin/CVE-2023-38646POC详情
24Exploit script for Pre-Auth RCE in Metabase (CVE-2023-38646)https://github.com/Pyr0sec/CVE-2023-38646POC详情
25Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.https://github.com/birdm4nw/CVE-2023-38646POC详情
26RCE Exploit for CVE-2023-38646https://github.com/AnvithLobo/CVE-2023-38646POC详情
27Python script to exploit CVE-2023-38646 Metabase Pre-Auth RCE via SQL injectionhttps://github.com/Red4mber/CVE-2023-38646POC详情
28Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.https://github.com/junnythemarksman/CVE-2023-38646POC详情
29A crappy exploit script written for CVE-2023-38646. It works about as well as peace treaties between Israel and Hamas.https://github.com/Itrekr/CVE-2023-38646-CrapsploitPOC详情
30Metabase Pre-Auth RCE POChttps://github.com/Mrunalkaran/CVE-2023-38646POC详情
31Code to detect/exploit vulnerable metabase applicationhttps://github.com/j0yb0y0h/CVE-2023-38646POC详情
32Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.https://github.com/Ego1stoo/CVE-2023-38646POC详情
33Metabase postgres (org.h2.Driver) RCE without INIThttps://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646POC详情
34Tools to exploit metabase CVE-2023-38646https://github.com/raytheon0x21/CVE-2023-38646POC详情
35Nonehttps://github.com/Shisones/MetabaseRCE_CVE-2023-38646POC详情
36Nonehttps://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646-POC详情
37Exploit for the Remote Code Execution (RCE) vulnerability identified in Metabase versions before 0.46.6.1 (open source) and 1.46.6.1 (Enterprise). Authentication is not required for exploitation.https://github.com/UserConnecting/Exploit-CVE-2023-38646-MetabasePOC详情
38Exploit for CVE-2023-38646, a pre-auth RCE in Metbasehttps://github.com/xchg-rax-rax/CVE-2023-38646POC详情
39This is a script written in Python that allows the exploitation of the Metabase's software security flaw described in CVE-2023-38646.https://github.com/m3m0o/metabase-pre-auth-rce-pocPOC详情
40CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点/api/setup/validate时,对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串,利用该端点在服务器上执行任意命令,而无需进行身份验证。https://github.com/XiaomingX/cve-2023-38646-pocPOC详情
41Proof-of-Concept script for exploiting CVE-2023-38646. Intended for educational and research purposes only.https://github.com/JayRyz/CVE-2023-38646-PoC-MetabasePOC详情
42CVE-2023-38646 Metabase 0.46.6 exploithttps://github.com/DaniTheHack3r/CVE-2023-38646POC详情
43Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-38646.yamlPOC详情
44Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Metabase%20%E6%9C%AA%E6%8E%88%E6%9D%83%20JDBC%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-38646.mdPOC详情
45https://github.com/vulhub/vulhub/blob/master/metabase/CVE-2023-38646/README.mdPOC详情
46Nonehttps://github.com/BreezeGalaxy/CVE-2023-38646POC详情
三、漏洞 CVE-2023-38646 的情报信息
四、漏洞 CVE-2023-38646 的评论

暂无评论

发表评论