Exploit for Deserialization of Untrusted Data in Clear Clearml CVE-2024-24590

Name: Exploit for Deserialization of Untrusted Data in Clear Clearml CVE-2024-24590
Rating: 5 (541 reviews)

2024-06-13 | CVSS 8.8

## https://sploitus.com/exploit?id=352CFA7D-5262-5293-AAAF-664D3AC6D7BC
# CVE-2024-24590-ClearML-RCE-Exploit

Python script that exploits the vulnerability CVE-2024-24590 in ClearML, leveraging pickle file deserialization to execute arbitrary code.

![screenshot](_img/screenshot.png)

## Installation

**Install the required dependencies before proceeding**

Tested on Python 3.9+

### Clone the Repository

```sh
git clone https://github.com/xffsec/CVE-2024-24590-ClearML-RCE-Exploit.git
cd CVE-2024-24590-ClearML-RCE-Exploit
python3 exploit.py
```