CVE-2024-6782 PoC — Calibre 安全漏洞

Source

https://github.com/zangjiahe/CVE-2024-6782

Associated Vulnerability

Title:Calibre 安全漏洞 (CVE-2024-6782)
Description:Calibre是印度Kovid Goyal个人开发者的一个开源免费的全能电子书阅读管理与格式转换工具。 Calibre 6.9.0版本至7.14.0版本存在安全漏洞，该漏洞源于访问控制不当。未经身份验证的攻击者实现远程代码执行。

Description

Calibre 远程代码执行（CVE-2024-6782）Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.

Readme

# CVE-2024-6782
Calibre 远程代码执行（CVE-2024-6782）Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.

![8d4237fcfec48246cfa4fb6fe3e48327_CVE-2024-6782_01 calibre-rce](https://github.com/user-attachments/assets/8c514ee0-e072-4d93-bc23-f1c132a39b43)

File Snapshot


 [4.0K]  /data/pocs/355170e59b40853f884b1b590bca89003488eda8
├── [ 976]  calibre-rce.py
└── [ 324]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!