Share
## https://sploitus.com/exploit?id=E3ECA39C-5418-55BB-8311-AB9E808446F0
# Metabase Pre-Auth RCE (CVE-2023-38646) PoC

A proof of concept of CVE-2023-38646, a Metabase exploit that allows user to do Remote Code Execution utilizing the setup token found in /api/session/properties to send a payload encoded in base64

# Usage
` ./MetabaseRCE_CVE-2023-38646 -u [target url] -t [target token] -c [command] `