Skip to content

sadshade/CVE-2022-24706-CouchDB-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
CVE-2022-24706-Exploit.py
CVE-2022-24706-Exploit.py
 
 
README.md
README.md
 
 

Repository files navigation

Apache CouchDB 3.2.1 - Remote Code Execution (RCE) CVE-2022-24706

Date: 2022-01-21

Exploit Author: Konstantin Burov, @_sadshade

Software Link: https://couchdb.apache.org/

Version: 3.2.1 and below

Tested on: Kali 2021.2

Based on 1F98D's Erlang Cookie - Remote Code Execution

Shodan: port:4369 "name couchdb at"

CVE: CVE-2022-24706

References:

https://habr.com/ru/post/661195/

https://www.exploit-db.com/exploits/49418

https://insinuator.net/2017/10/erlang-distribution-rce-and-a-cookie-bruteforcer/

https://book.hacktricks.xyz/pentesting/4369-pentesting-erlang-port-mapper-daemon-epmd#erlang-cookie-rce

About

Apache CouchDB 3.2.1 - Remote Code Execution (RCE)

Resources

Readme
Activity

Stars

30 stars

Watchers

1 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages