POC for CVE-2023-38646# Metabase Pre Authentication RCE (CVE-2023-38646)
We have provided two files:-
- CVE-2023-38646-POC.py for checking if any metabase intance is leaking setup-token.
- CVE-2023-38646-Reverse-Shell.py to get a reerse shell on the attacker controlled machine.
---
## CVE-2023-38646-POC.py

---
## CVE-2023-38646-Reverse-Shell.py

---
## How To Use
```
git clone https://github.com/securezeron/CVE-2023-38646
cd CVE-2023-38646
pip install -r requirements.txt
python3 CVE-2023-38646-Reverse-Shell.py -h
```
[4.0K] /data/pocs/fa654da01bafb0608c35a8695d673472483d80a2
├── [2.0K] CVE-2023-38646-POC.py
├── [4.0K] CVE-2023-38646-Reverse-Shell.py
├── [ 773] README.md
└── [ 8] requirements.txt
0 directories, 4 files