尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| - | n/a | n/a | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | to be released | https://github.com/Marven11/CVE-2024-28397 | POC详情 |
| 2 | CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction. | https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape | POC详情 |
| 3 | None | https://github.com/CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape | POC详情 |
| 4 | An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-28397.yaml | POC详情 |
| 5 | This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Python’s internal object model and access dangerous classes like subprocess.Popen, leading to arbitrary command execution. | https://github.com/waleed-hassan569/CVE-2024-28397-command-execution-poc | POC详情 |
| 6 | The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that allows JavaScript code to be executed within the Python interpreter. | https://github.com/0timeday/exploit-js2py | POC详情 |
| 7 | None | https://github.com/harutomo-jp/CVE-2024-28397-RCE | POC详情 |
| 8 | None | https://github.com/Naved124/CVE-2024-28397-js2py-Sandbox-Escape | POC详情 |
| 9 | The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that allows JavaScript code to be executed within the Python interpreter. | https://github.com/releaseown/exploit-js2py | POC详情 |
| 10 | PoC exploit for CVE-2024-28397 – Remote Code Execution in pyload-ng via js2py sandbox escape | https://github.com/ExtremeUday/Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py- | POC详情 |
| 11 | This repository contains a python exploit code for CVE-2024-28397 intended for use on the "CodePartTwo" machine on Hack The Box (HTB). | https://github.com/naclapor/CVE-2024-28397 | POC详情 |
| 12 | None | https://github.com/0xDTC/js2py-Sandbox-Escape-CVE-2024-28397-RCE | POC详情 |
| 13 | This repository contains a Proof of Concept (PoC) for CVE-2024-28397, a vulnerability in the js2py library allowing a sandbox escape to achieve remote code execution. | https://github.com/nelissandro/CVE-2024-28397-Js2Py-RCE | POC详情 |
| 14 | CVE-2024-28397 - Remote Code Execution From Vulnerable JS2PY | https://github.com/vitaciminIPI/CVE-2024-28397-RCE | POC详情 |
| 15 | This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Python’s internal object model and access dangerous classes like subprocess.Popen, leading to arbitrary command execution. | https://github.com/Ghost-Overflow/CVE-2024-28397-command-execution-poc | POC详情 |
| 16 | Reverse shell for CVE-2024-28397. | https://github.com/0xPadme/CVE-2024-28397-Reverse-Shell | POC详情 |
| 17 | This repository contains a Proof of Concept (PoC) for CVE-2024-28397, a vulnerability in the js2py library allowing a sandbox escape to achieve remote code execution. | https://github.com/D3ltaFormation/CVE-2024-28397-Js2Py-RCE | POC详情 |
| 18 | A Python automation script for exploiting the **js2py Sandbox Escape** vulnerability (CVE-2024-28397). This tool automates the payload generation and delivery process to achieve Remote Code Execution (RCE) on vulnerable instances. | https://github.com/L1337Xi/CVE-2024-28397-Exploit-Automation | POC详情 |
| 19 | This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Python’s internal object model and access dangerous classes like subprocess.Popen, leading to arbitrary command execution. | https://github.com/GhostOverflow/CVE-2024-28397-command-execution-poc | POC详情 |
| 20 | js2py <= 0.74 sandbox escape (CVE-2024-28397) | https://github.com/3z-p0wn/CVE-2024-28397-exploit | POC详情 |
| 21 | Professional exploit for CVE-2024-28397: Js2Py Sandbox Escape leading to Remote Code Execution (RCE). Includes modular payload generation. | https://github.com/xeloxa/CVE-2024-28397-Js2Py-RCE-Exploit | POC详情 |
未找到公开 POC。
登录以生成 AI POC暂无评论