Exploit for CVE-2024-27448

Name: Exploit for CVE-2024-27448
Rating: 5 (126 reviews)

2025-02-12 | CVSS 9.1

## https://sploitus.com/exploit?id=80FB9CF1-7733-5B84-88BA-A163ED8F9450
# MailDev 2.1.0 RCE Exploit

**CVE-2024-27448**

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file. 

## Setup vulnerable environment

```bash
python3 exploit.py
```


References:

- [CVE-2024-27448](https://vulners.com/cve/CVE-2024-27448)

For legal testing purposes only. Use at your own risk. I take no liability for damages.