CVE-2017-12636

This Metasploit module exploits CVE-2017-12636 in Apache CouchDB, allowing arbitrary command execution by leveraging misconfigured query servers. It includes an authentication bypass (CVE-2017-12635) to gain admin privileges.

This exploit targets Apache CouchDB versions <= 1.7.0 and 2.x < 2.1.0, leveraging CVE-2017-12636 to achieve remote code execution by manipulating the query_servers configuration. It also includes privilege escalation via CVE-2017-12635 to create an admin user.

This exploit targets CVE-2017-12636, a remote code execution vulnerability in Apache CouchDB. It creates an admin user, then abuses the query_servers configuration to execute a reverse shell command via a crafted base64-encoded payload.

This PoC exploits CVE-2017-12636, a command injection vulnerability in Apache CouchDB, by creating an admin user and leveraging the query_servers configuration to execute arbitrary commands. The exploit demonstrates RCE by writing the output of the 'id' command to a file.

This Metasploit module exploits CVE-2017-12636, a vulnerability in Apache CouchDB that allows arbitrary command execution by leveraging misconfigured query server paths. It includes an authentication bypass (CVE-2017-12635) to gain admin privileges and then executes commands via HTTP requests to vulnerable endpoints.

This repository contains a functional exploit for CVE-2017-12636, targeting Apache CouchDB versions 1.6 and 2.1. The exploit leverages improper input validation to achieve remote code execution by creating an admin user and injecting a reverse shell command via the query_servers configuration.