Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-48990
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
needrestart 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
needrestart是liske个人开发者的一款用于检查升级后需要重新启动哪些守护进程的工具。 needrestart 3.8之前版本存在安全漏洞,该漏洞源于允许本地攻击者通过诱骗needrestart使用攻击者控制的PYTHONPATH环境变量运行Python解释器,并以root身份执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
needrestartneedrestart 0 ~ 3.8 -
II. Public POCs for CVE-2024-48990
#POC DescriptionSource LinkShenlong Link
1PoC for CVE-2024-48990https://github.com/makuga01/CVE-2024-48990-PoCPOC Details
2Exploit for CVE-2024-48990 (Local Privilege Escalation in needrestart < 3.8)https://github.com/ns989/CVE-2024-48990POC Details
3Qualys needsrestart vulnerability CVE-2024-48990https://github.com/felmoltor/CVE-2024-48990POC Details
4My take on the needrestart Python CVE-2024-48990https://github.com/Cyb3rFr0g/CVE-2024-48990-PoCPOC Details
5Testing POC for use caseshttps://github.com/pentestfunctions/CVE-2024-48990-PoC-TestingPOC Details
6Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.https://github.com/r0xdeadbeef/CVE-2024-48990-exploitPOC Details
7A Local Privilege Escalation poc scipts for CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003https://github.com/njeru-codes/needrestart-vulnerability-pocPOC Details
8My exploit for CVE-2024-48990. Full details of how I made this are on my blog.https://github.com/ally-petitt/CVE-2024-48990-ExploitPOC Details
9Needrestart, prior to version 3.8, contains a vulnerability that allows local attackers to execute arbitrary code with root privileges. This is achieved by manipulating the PYTHONPATH environment variable to trick needrestart into running the Python interpreter in an unsafe context.https://github.com/r0xdeadbeef/CVE-2024-48990POC Details
10Nonehttps://github.com/CyberCrowCC/CVE-2024-48990POC Details
11Nonehttps://github.com/NullByte-7w7/CVE-2024-48990POC Details
12Exploit for CVE-2024-48990 - Privilege Escalation in Needrestart 3.7-3. For eductional purposes onlyhttps://github.com/ten-ops/CVE-2024-48990_needrestartPOC Details
13Needrestart, prior to version 3.8, contains a vulnerability that allows local attackers to execute arbitrary code with root privileges. This is achieved by manipulating the PYTHONPATH environment variable to trick needrestart into running the Python interpreter in an unsafe context.https://github.com/r0xDB/CVE-2024-48990POC Details
14Needrestart, prior to version 3.8, contains a vulnerability that allows local attackers to execute arbitrary code with root privileges. This is achieved by manipulating the PYTHONPATH environment variable to trick needrestart into running the Python interpreter in an unsafe context.https://github.com/R0XDEADBEEF/CVE-2024-48990POC Details
15Automated local privilege escalation exploit for CVE-2024-48990 (needrestart v3.7), leveraging PYTHONPATH hijacking to gain root access.https://github.com/Serner77/CVE-2024-48990-Automatic-ExploitPOC Details
16Full exploit for needsrestart setuid root shellhttps://github.com/mladicstefan/CVE-2024-48990POC Details
17PoC for CVE-2024-48990https://github.com/Mr-DJ/CVE-2024-48990POC Details
18Nonehttps://github.com/Loaxert/CVE-2024-48990-PoCPOC Details
19i tried this in Conversor HTB machinehttps://github.com/0x3bs/CVE-2024-48990POC Details
20an exploit for CVE-2024-48990 ( Local Privilege Escalation ) in needrestart https://github.com/o-sec/CVE-2024-48990POC Details
21Local privilege escalation exploit for needrestart (CVE-2024-48990)https://github.com/tahsinunluturk/needrestart-privesc-cve-2024-48990POC Details
22Simple poc for CVE-2024-48990 privilege escalation vulnerability with needrestart. https://github.com/sobbing333/CVE-2024-48990-POCPOC Details
23PoC about CVE-2024-48990. Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. (NIST)https://github.com/grecosamuel/CVE-2024-48990POC Details
24needrestart < 3.8 Local Privilege Escalation via PYTHONPATH injectionhttps://github.com/BLUEBERRYP1LL/CVE-2024-48990POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-48990
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: needrestart
Same vendor: needrestart
V. Comments for CVE-2024-48990

No comments yet

Leave a comment