automatic module_metadata_base.json update

rapid7 · Nov 20, 2024 · 3419bfe · 3419bfe
1 parent afbbba0
commit 3419bfe
Showing 1 changed file with 63 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -75813,6 +75813,69 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_linux/http/judge0_sandbox_escape_cve_2024_28189": {
+    "name": "Judge0 sandbox escape",
+    "fullname": "exploit/linux/http/judge0_sandbox_escape_cve_2024_28189",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-03-04",
+    "type": "exploit",
+    "author": [
+      "Tanto Security",
+      "Takahiro Yokoyama"
+    ],
+    "description": "Judge0 does not account for symlinks placed inside the sandbox directory,\n          which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.",
+    "references": [
+      "CVE-2024-28185",
+      "CVE-2024-28189",
+      "URL-https://tantosec.com/blog/judge0/"
+    ],
+    "platform": "Linux",
+    "arch": "",
+    "rport": 2358,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Linux Command"
+    ],
+    "mod_time": "2024-10-23 07:29:21 +0000",
+    "path": "/modules/exploits/linux/http/judge0_sandbox_escape_cve_2024_28189.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/judge0_sandbox_escape_cve_2024_28189",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "config-changes",
+        "artifacts-on-disk",
+        "ioc-in-logs"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": true
+  },
   "exploit_linux/http/kafka_ui_unauth_rce_cve_2023_52251": {
     "name": "Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.",
     "fullname": "exploit/linux/http/kafka_ui_unauth_rce_cve_2023_52251",