Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.8 views

CVE-2023-38646

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...

9.8CVSS7.8AI score0.97924EPSS
Exploits36References1
GithubExploit
GithubExploit
added 2024/11/26 7:5 p.m.601 views

Exploit for CVE-2023-38646

CVE-2023-38646-PoC-Metabase Proof-of-Concept script for exploi...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2024/11/22 4:15 a.m.155 views

Exploit for CVE-2023-38646

Metabase Pre-Authentication RCE CVE-2023-38646 CVE-2023-38...

9.8CVSS8.2AI score0.97924EPSS
Exploits36
0day.today
0day.today
added 2024/02/17 12:0 a.m.339 views

Metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646 !/usr/bin/env python3 import socke...

9.8CVSS7AI score0.97924EPSS
Exploits36
Exploit DB
Exploit DB
added 2024/02/15 12:0 a.m.484 views

Metabase 0.46.6 - Pre-Auth Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

9.8CVSS9.6AI score0.97924EPSS
Exploits36
Tenable Nessus
Tenable Nessus
added 2024/01/22 12:0 a.m.51 views

Metabase RCE (CVE-2023-38646)

The version of Metabase installed on the remote host is 0.46.x 0.46.6.1, 0.45.x 0.45.4.1, 1.45.x 1.45.4.1, 0.44.x 0.44.7.1, 1.44.x 1.44.7.1, 0.43.x 0.43.7.2, and 1.43.x 1.43.7.2. It is, therefore, affected by a command execution vulnerability when a malicious attacker sends a specially crafted...

9.8CVSS8.8AI score0.97924EPSS
Exploits36References3
GithubExploit
GithubExploit
added 2023/11/25 5:22 p.m.615 views

Exploit for CVE-2023-38646

CVE-2023-38646 Metabase Pre-Auth RCE 11/26/2023 Metabase ope...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
VulnCheck KEV
VulnCheck KEV
added 2023/11/13 12:0 a.m.10 views

VulnCheck KEV: CVE-2023-38646

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1,...

9.8CVSS7.7AI score0.97924EPSS
Exploits36References1
GithubExploit
GithubExploit
added 2023/11/07 3:57 a.m.607 views

Exploit for CVE-2023-38646

Metabase Pre-Auth RCE POC - CVE-2023-38646 Metabase open sourc...

9.8CVSS10AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/25 5:10 p.m.506 views

Exploit for CVE-2023-38646

CVE-2023-38646 Python script to exploit CVE-2023-38646 Metabas...

9.8CVSS9.8AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/25 5:10 p.m.460 views

Exploit for CVE-2023-38646

CVE-2023-38646 Python script to exploit CVE-2023-38646 Metabas...

9.8CVSS9.8AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/20 3:21 p.m.378 views

Exploit for CVE-2023-38646

CVE-2023-38646 A python RCE exploit for CVE-2023-38646 Us...

9.8CVSS9.7AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/17 7:43 a.m.408 views

Exploit for CVE-2023-38646

CVE-2023-38646 - Metabase RCE Metabase open source before 0.46...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/14 3:56 p.m.429 views

Exploit for CVE-2023-38646

CVE-2023-38646 - Metabase Pre-Auth RCE ⚠️ For educatio...

9.8CVSS9.7AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/12 2:24 a.m.293 views

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/11 8:17 p.m.404 views

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/11 8:17 p.m.368 views

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/08 2:52 p.m.331 views

Exploit for CVE-2023-38646

CVE-2023-38646 Fork of kh4sh3i'shttps://github.com/kh4sh...

9.8CVSS10AI score0.97924EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/08/19 11:47 a.m.511 views

Exploit for CVE-2023-38646

Metabase Metabase is an open source business intelligence tool...

9.8CVSS9.9AI score0.97924EPSS
Exploits36
Metasploit
Metasploit
added 2023/08/09 7:50 p.m.890 views

Metabase Setup Token RCE

Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even after the setup process has been completed. With this token a user is able to submit the setup functionality to create a new database. When creating a new database, an H2 database string is created wi...

9.8CVSS9.8AI score0.97924EPSS
Exploits36
Rows per page
Query Builder