Share
## https://sploitus.com/exploit?id=4CC94C44-EEF4-5CC5-BB27-A87109D8C3F8
# CVE-2024-4323-Exploit-POC

This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.

CVE-2024-4323 is a memory corruption vulnerability in Fluent Bit versions 2.0.7 through 3.0.3. The issue resides in the embedded HTTP server's parsing of trace requests, which can lead to denial of service (DoS) conditions, information disclosure, or remote code execution (RCE) ([MITRE CVE](https://vulners.com/cve/CVE-2024-4323)) ([Launchpad](https://bugs.launchpad.net/bugs/cve/2024-4323)).

For more details on the vulnerability and mitigations, you can refer to the [CVE-2024-4323 entry on Mitre](https://vulners.com/cve/CVE-2024-4323) and [Tenable's advisory](https://tenable.com/security/research/tra-2024-17).

## Disclaimer

This script is intended for testing and educational purposes only. Unauthorized exploitation of vulnerabilities is illegal and unethical. Always obtain proper authorization before testing any system for vulnerabilities.

## Usage

Running the script with `-h` or `--help` will display the usage menu:

```
usage: exploit.py [-h] -u URL -p PORT -c CODE

Exploit for CVE-2024-4323

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Target URL
  -p PORT, --port PORT  Target port number
  -c CODE, --code CODE  Remote code to be executed
```