13 matches found
Metabase - Local File Inclusion
Metabase is an open source data analytics platform. In affected versions a local file inclusion security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not...
CVE-2021-41277
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...
Metabase < 1.40.5
The version of Metabase installed on the remote host is prior to 1.40.5. It is, therefore, affected by a local file inclusion vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 Tenable,...
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...
Metabase LFI (CVE-2021-41277)
Binary data metabaselficve-2021-41277.nbin...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Metabase
CVE-2021-41277 MetaBase Arbitrary File Reading This is a...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Metabase
CVE-2021-41277 Metabase GeoJSON map local fil...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Metabase
CVE-2021-41277 MetaBase arbitrary file reading vulnerability,...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Metabase
Metabase-cve-2021-41277 Metabase 任意文件读取 optional arguments:...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Metabase
CVE-2021-41277 PoC Metabase is an open source data analytics...
CVE-2021-41277
creationtimestamp| type| source ---|---|--- 2021-11-17 22:20:55+00:00| seen| https://t.me/cibsecurity/32567 2021-11-21 13:37:04+00:00| seen| https://t.me/bhhub/640 2021-11-21 13:45:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/4802 2021-11-22 13:37:04+00:00| seen|...
CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...
CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...