CVE-2017-12635

This Metasploit module exploits CVE-2017-12636 in Apache CouchDB, allowing arbitrary command execution by leveraging misconfigured query servers. It includes an authentication bypass (CVE-2017-12635) to gain admin privileges.

This exploit leverages CVE-2017-12635 to create an admin user in Apache CouchDB by sending a crafted PUT request to the _users endpoint. It bypasses authentication by exploiting improper validation of user roles.

This PoC demonstrates a privilege escalation vulnerability in Apache CouchDB (CVE-2017-12635) by exploiting a discrepancy between Erlang and JavaScript JSON parsers. The attack involves submitting a user document with duplicate 'roles' keys to bypass validation and escalate to admin privileges.

This PoC demonstrates a vertical privilege escalation vulnerability in Apache CouchDB (CVE-2017-12635) by exploiting a discrepancy in JSON parsing between Erlang and JavaScript. It allows an unauthenticated attacker to create an admin user by sending a crafted HTTP request with duplicate 'roles' fields.

This Metasploit module enumerates CouchDB databases and server information via the REST API, with optional user creation for vulnerable versions. It does not contain offensive payloads but checks for CVE-2017-12635.

This Metasploit module exploits CVE-2017-12635 and CVE-2017-12636 in Apache CouchDB to achieve remote command execution by leveraging authentication bypass and misconfigured query server paths. It supports both CouchDB 1.x and 2.x versions.