NOMISEC-aleister1102/kibana-prototype-pollusion

NOMISEC WORKING POC

Exploit for CVE-2019-7609 - Kibana Timelion Prototype Pollution RCE

AI Analysis

This repository contains a working proof-of-concept exploit for CVE-2019-7609, demonstrating prototype pollution in Kibana's Timelion visualizer leading to arbitrary code execution. The exploit leverages Node.js child process spawning with manipulated environment variables to achieve RCE.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1189 - Drive-by Compromise

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 60

https://github.com/aleister1102/kibana-prototype-pollusion

Stars 0

Forks 0

Last Push Jun 29, 2024

Authors

aleister1102

Vulnerability

CVE-2019-7609

Kibana Timelion Prototype Pollution RCE

CRITICAL KEV

CVSS 10.0