6 matches found
Rudder Server SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform CDP. The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may le...
Rudder Server SQLI Remote Code Execution
This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform CDP. The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may le...
CVE-2023-30625
creationtimestamp| type| source ---|---|--- 2023-07-31 13:41:50+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rudderserversqlirce.rb 2023-10-04 00:55:17+00:00| published-proof-of-concept| https://t.me/codeb0ss/1207 2023-10-11 03:23:45+00:00|...
Rudder Server SQL Injection / Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rudder Server SQLI Remote Code Execution', 'Description' = %q This Metasploit module exploits a SQL injection vulnerability in RudderStack's...
CVE-2023-30625 rudder-server vulnerable to SQL Injection
rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...
CVE-2023-30625
Rudder-server (RudderStack CDP) prior to version 1.3.0-rc.1 is affected by an SQL injection that can lead to remote code execution because the postgres user rutde_rudder is granted superuser privileges by default. Affected component: rudder-server in RudderStack; vulnerability is triggered via SQ...