Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/adriyansyah-mf/CVE-2023-38646--Metabase- | POC Details |
| 2 | For educational purposes only | https://github.com/Pumpkin-Garden/POC_Metabase_CVE-2023-38646 | POC Details |
| 3 | Metabase Pre-auth RCE (CVE-2023-38646)!! | https://github.com/0xrobiul/CVE-2023-38646 | POC Details |
| 4 | Remote Code Execution on Metabase CVE-2023-38646 | https://github.com/Chocapikk/CVE-2023-38646 | POC Details |
| 5 | None | https://github.com/Xuxfff/CVE-2023-38646-Poc | POC Details |
| 6 | POC for CVE-2023-38646 | https://github.com/securezeron/CVE-2023-38646 | POC Details |
| 7 | Tools to exploit metabase CVE-2023-38646 | https://github.com/lazysec0x21/CVE-2023-38646 | POC Details |
| 8 | Proof of Concept for CVE-2023-38646 | https://github.com/Zenmovie/CVE-2023-38646 | POC Details |
| 9 | Metabase Pre-auth RCE | https://github.com/shamo0/CVE-2023-38646-PoC | POC Details |
| 10 | CVE-2023-38646-POC | https://github.com/fidjiw/CVE-2023-38646-POC | POC Details |
| 11 | None | https://github.com/Any3ite/cve-2023-38646-metabase-ReverseShell | POC Details |
| 12 | Automatic Tools For Metabase Exploit Known As CVE-2023-38646 | https://github.com/robotmikhro/CVE-2023-38646 | POC Details |
| 13 | Metabase Pre-auth RCE (CVE-2023-38646) | https://github.com/kh4sh3i/CVE-2023-38646 | POC Details |
| 14 | CVE-2023-38646 (Pre-Auth RCE in Metabase) | https://github.com/joaoviictorti/CVE-2023-38646 | POC Details |
| 15 | None | https://github.com/yxl2001/CVE-2023-38646 | POC Details |
| 16 | CVE-2023-38646 Pre-Auth RCE in Metabase | https://github.com/alexandre-pecorilla/CVE-2023-38646 | POC Details |
| 17 | Metabase H2 远程代码执行漏洞(CVE-2023-38646) | https://github.com/CN016/Metabase-H2-CVE-2023-38646- | POC Details |
| 18 | CVE-2023-38646 Metabase RCE | https://github.com/Boogipop/MetabaseRceTools | POC Details |
| 19 | CVE-2023-38646 Metabase 0.46.6 exploit | https://github.com/SUT0L/CVE-2023-38646 | POC Details |
| 20 | CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase | https://github.com/nickswink/CVE-2023-38646 | POC Details |
| 21 | None | https://github.com/passwa11/CVE-2023-38646 | POC Details |
| 22 | None | https://github.com/threatHNTR/CVE-2023-38646 | POC Details |
| 23 | None | https://github.com/asepsaepdin/CVE-2023-38646 | POC Details |
| 24 | Exploit script for Pre-Auth RCE in Metabase (CVE-2023-38646) | https://github.com/Pyr0sec/CVE-2023-38646 | POC Details |
| 25 | Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. | https://github.com/birdm4nw/CVE-2023-38646 | POC Details |
| 26 | RCE Exploit for CVE-2023-38646 | https://github.com/AnvithLobo/CVE-2023-38646 | POC Details |
| 27 | Python script to exploit CVE-2023-38646 Metabase Pre-Auth RCE via SQL injection | https://github.com/Red4mber/CVE-2023-38646 | POC Details |
| 28 | Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. | https://github.com/junnythemarksman/CVE-2023-38646 | POC Details |
| 29 | A crappy exploit script written for CVE-2023-38646. It works about as well as peace treaties between Israel and Hamas. | https://github.com/Itrekr/CVE-2023-38646-Crapsploit | POC Details |
| 30 | Metabase Pre-Auth RCE POC | https://github.com/Mrunalkaran/CVE-2023-38646 | POC Details |
| 31 | Code to detect/exploit vulnerable metabase application | https://github.com/j0yb0y0h/CVE-2023-38646 | POC Details |
| 32 | Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. | https://github.com/Ego1stoo/CVE-2023-38646 | POC Details |
| 33 | Metabase postgres (org.h2.Driver) RCE without INIT | https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646 | POC Details |
| 34 | Tools to exploit metabase CVE-2023-38646 | https://github.com/raytheon0x21/CVE-2023-38646 | POC Details |
| 35 | None | https://github.com/Shisones/MetabaseRCE_CVE-2023-38646 | POC Details |
| 36 | None | https://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646- | POC Details |
| 37 | Exploit for the Remote Code Execution (RCE) vulnerability identified in Metabase versions before 0.46.6.1 (open source) and 1.46.6.1 (Enterprise). Authentication is not required for exploitation. | https://github.com/UserConnecting/Exploit-CVE-2023-38646-Metabase | POC Details |
| 38 | Exploit for CVE-2023-38646, a pre-auth RCE in Metbase | https://github.com/xchg-rax-rax/CVE-2023-38646 | POC Details |
| 39 | This is a script written in Python that allows the exploitation of the Metabase's software security flaw described in CVE-2023-38646. | https://github.com/m3m0o/metabase-pre-auth-rce-poc | POC Details |
| 40 | CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点/api/setup/validate时,对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串,利用该端点在服务器上执行任意命令,而无需进行身份验证。 | https://github.com/XiaomingX/cve-2023-38646-poc | POC Details |
| 41 | Proof-of-Concept script for exploiting CVE-2023-38646. Intended for educational and research purposes only. | https://github.com/JayRyz/CVE-2023-38646-PoC-Metabase | POC Details |
| 42 | CVE-2023-38646 Metabase 0.46.6 exploit | https://github.com/DaniTheHack3r/CVE-2023-38646 | POC Details |
| 43 | Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-38646.yaml | POC Details |
| 44 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Metabase%20%E6%9C%AA%E6%8E%88%E6%9D%83%20JDBC%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-38646.md | POC Details |
| 45 | https://github.com/vulhub/vulhub/blob/master/metabase/CVE-2023-38646/README.md | POC Details | |
| 46 | None | https://github.com/BreezeGalaxy/CVE-2023-38646 | POC Details |
| 47 | CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点/api/setup/validate时,对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串,利用该端点在服务器上执行任意命令,而无需进行身份验证。 | https://github.com/cleanmgr112/cve-2023-38646-poc | POC Details |
No public POC found.
Login to generate AI POCNo comments yet