## https://sploitus.com/exploit?id=61AF3508-DD4F-59D0-B792-25501345521A
# ClearML Exploit
This repository contains a proof-of-concept exploit for a deserialization vulnerability in ClearML, allowing for remote command execution. This exploit demonstrates how to upload a malicious pickle artifact to ClearML to gain a reverse shell.
## Prerequisites
Before you begin, ensure you have met the following requirements:
- A machine running ClearML.
- Python 3.8 or higher.
- The `clearml` library installed. You can install it using pip:
```bash
pip install clearml
clearml-init
```
Follow the onscreen instructions and paste your configuration settings when prompted.
Start your listener with:
```bash
nc -lvnp <your_port>
```
It might take a minute or so for the server to process the payload, so be patient.
For more information on the vulnerability, click the following link:
https://vulners.com/cve/CVE-2024-24590