Back to KEVs

CVE-2023-38646

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the...

Basic Information

CVE State
PUBLISHED
Reserved Date
July 21, 2023
Published Date
July 21, 2023
Last Updated
August 02, 2024
Vendor
n/a
Product
n/a
Description
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.
Tags
nuclei_scanner metasploit_scanner nessus_scanner

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Score
94.22% (Percentile: 99.91%) as of 2025-05-26

Exploit Status

Exploited in the Wild
Yes (2025-05-05 00:00:00 UTC) Source

References

https://www.metabase.com/blog/security-advisory https://github.com/metabase/metabase/releases/tag/v0.46.6.1 https://news.ycombinator.com/item?id=36812256 https://github.com/metabase/metabase/issues/32552 http://packetstormsecurity.com/files/174091/Metabase-Remote-Code-Execution.html http://packetstormsecurity.com/files/177138/Metabase-0.46.6-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-04-28 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/metabase_setup_token_rce.rb 2025-04-29 11:01:13 UTC
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-38646.yaml 2025-04-26 00:00:00 UTC
Nessus https://www.tenable.com/plugins/nessus/189296 2024-01-22 21:43:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

metabase_setup_token_rce

Type: metasploit • Created: Unknown

Metasploit module for CVE-2023-38646

Mrunalkaran/CVE-2023-38646

Type: github • Created: 2023-11-07 03:57:15 UTC • Stars: 0

Metabase Pre-Auth RCE POC

Red4mber/CVE-2023-38646

Type: github • Created: 2023-10-25 17:10:53 UTC • Stars: 2

Python script to exploit CVE-2023-38646 Metabase Pre-Auth RCE via SQL injection

Pyr0sec/CVE-2023-38646

Type: github • Created: 2023-10-15 01:29:37 UTC • Stars: 8

Exploit script for Pre-Auth RCE in Metabase (CVE-2023-38646)

asepsaepdin/CVE-2023-38646

Type: github • Created: 2023-10-14 15:56:18 UTC • Stars: 0

threatHNTR/CVE-2023-38646

Type: github • Created: 2023-10-12 14:32:17 UTC • Stars: 0

This is a Proof of Concept (PoC) script for exploiting Metabase, an open-source business intelligence and data analytics tool.

passwa11/CVE-2023-38646

Type: github • Created: 2023-10-12 02:24:12 UTC • Stars: 0

nickswink/CVE-2023-38646

Type: github • Created: 2023-10-11 20:17:14 UTC • Stars: 3

CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase

yxl2001/CVE-2023-38646

Type: github • Created: 2023-10-08 07:36:57 UTC • Stars: 0

kh4sh3i/CVE-2023-38646

Type: github • Created: 2023-08-19 11:47:08 UTC • Stars: 8

Metabase Pre-auth RCE (CVE-2023-38646)

robotmikhro/CVE-2023-38646

Type: github • Created: 2023-08-09 14:05:24 UTC • Stars: 27

Automatic Tools For Metabase Exploit Known As CVE-2023-38646

fidjiw/CVE-2023-38646-POC

Type: github • Created: 2023-08-03 08:06:10 UTC • Stars: 1

CVE-2023-38646-POC

shamo0/CVE-2023-38646-PoC

Type: github • Created: 2023-08-02 13:21:58 UTC • Stars: 12

Metabase Pre-auth RCE

Zenmovie/CVE-2023-38646

Type: github • Created: 2023-07-31 11:18:21 UTC • Stars: 1

Proof of Concept for CVE-2023-38646

raytheon0x21/CVE-2023-38646

Type: github • Created: 2023-07-31 05:25:37 UTC • Stars: 0

Tools to exploit metabase CVE-2023-38646

securezeron/CVE-2023-38646

Type: github • Created: 2023-07-30 09:56:52 UTC • Stars: 20

POC for CVE-2023-38646

Xuxfff/CVE-2023-38646-Poc

Type: github • Created: 2023-07-30 09:33:28 UTC • Stars: 2

Chocapikk/CVE-2023-38646

Type: github • Created: 2023-07-30 01:12:24 UTC • Stars: 3

Remote Code Execution on Metabase CVE-2023-38646

0xrobiul/CVE-2023-38646

Type: github • Created: 2023-07-29 13:07:00 UTC • Stars: 15

Metabase Pre-auth RCE (CVE-2023-38646)!!

Pumpkin-Garden/POC_Metabase_CVE-2023-38646

Type: github • Created: 2023-07-28 11:43:06 UTC • Stars: 6

For educational purposes only

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nessus

  • Detected by Nuclei

  • Added to KEVIntel

  • Detected by Metasploit