/CVE-2023-38646

POC for CVE-2023-38646 - metabase

Primary LanguagePython

Metabase Pre Authentication RCE (CVE-2023-38646)

We have provided two files:-

  • CVE-2023-38646-POC.py for checking if any metabase intance is leaking setup-token.
  • CVE-2023-38646-Reverse-Shell.py to get a reerse shell on the attacker controlled machine.

CVE-2023-38646-POC.py

Check

CVE-2023-38646-Reverse-Shell.py

Reverse_Shell1

How To Use

git clone https://github.com/securezeron/CVE-2023-38646
cd CVE-2023-38646
pip install -r requirements.txt
python3 CVE-2023-38646-Reverse-Shell.py -h