Skip to content

Zeyad-Azima/CVE-2024-27348

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
CVE-2024-27348_Scanner.py
CVE-2024-27348_Scanner.py
 
 
README.md
README.md
 
 
targets.txt
targets.txt
 
 

Repository files navigation

CVE-2024-27348

For Ethical Usages only, Any harmful or malicious activities are not allowed. And it's your own responsability

Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 ), The Scanner will run 4 commands on the target (host,ping,curl,wget), As in case one of the utilities not found.

HugeGraphRCE

Ping logs from targets

Ping_Logs_Fromm_Targets

Dns lookup, web requests from targets

http_dns_requests_from_targets

Usage

usage: [-h] [--file FILE] [--target TARGET] [--port PORT] [--domain DOMAIN]

Exploit CVE-2024-27348 Gremlin RCE in HugeGraph server from 1.0.0 Before 1.3.0

optional arguments:
  -h, --help            show this help message and exit
  --file FILE, -f FILE  File containing target addresses and ports W/ the following format: http://target,port e.x: http://localhost,8080
  --target TARGET, -t TARGET
                        Target IP address/domain
  --port PORT, -p PORT  Target port
  --domain DOMAIN, -d DOMAIN
                        Attacker domain (Your own domain to check ping/requests log)

Single Target

python3 CVE-2024-27348_Scanner.py -t http(s)://target_address -p port -d your_domain/ip

File

python3 CVE-2024-27348_Scanner.py -f targets_file -d your_domain/ip
  • File content format example in targets.txt

About

Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 )

Topics

exploit apache vulnerability cve cve-scanning vulnerability-scanners

Resources

Readme
Activity

Stars

51 stars

Watchers

1 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages