by vicarius
log in join community
by @jakaba
17 Jun 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Remote Code Execution vulnerability in Apache HugeGraph Server (CVE-2024–27348) - exploit

by @jakaba
by @jakaba
17 Jun 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Remote Code Execution vulnerability in Apache HugeGraph Server (CVE-2024–27348) - exploit

Apps

A
Apache2Apache2
2.4.58-150600.5.38.1.*
2.4.62-150700.4.3.1.*
2.4.65-3.*
2.4.51-150400.6.46.1.*
2.4.58-150600.5.35.1.*
2.4.65-1.*
2.4.64-1.*
2.4.23-25.1.*
2.4.34-1.*
2.4.58-150600.5.32.2.*

PoC video

Summary

CVE-2024-27348 is a critical Remote Command Execution (RCE) vulnerability in Apache HugeGraph-Server versions 1.0.0 to 1.2.1 running on Java 8 or Java 11. Exploiting this flaw allows attackers to execute arbitrary code.

general

Description

Tags

#RCE#exposed_to_RCE_attack#hugegraph#gremlin
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

0

Social media links

Comments (0)