CVE-2019-7609

This PoC exploits CVE-2019-7609, a remote code execution vulnerability in Kibana versions < 5.6.15 and < 6.6.1. It leverages the Timelion API to inject malicious payloads, achieving RCE via Node.js child_process execution.

This PoC demonstrates a remote code execution (RCE) vulnerability in Kibana versions prior to 6.6.0 by exploiting the Timelion and Canvas features to inject malicious commands via prototype pollution.

This repository contains a working proof-of-concept exploit for CVE-2019-7609, a prototype pollution vulnerability in Kibana's Timelion visualizer. The exploit leverages JavaScript payloads to achieve remote code execution (RCE) by manipulating the prototype chain and executing arbitrary commands via Node.js child_process.

This repository provides a working proof-of-concept exploit for CVE-2019-7609, a remote code execution vulnerability in Kibana's Timelion visualizer. The exploit leverages prototype pollution to execute arbitrary commands via a reverse shell.

This is a Python-based exploit for CVE-2019-7609, targeting Kibana versions before 5.6.15 and 6.6.0. It achieves RCE by injecting a reverse shell payload via the Timelion visualizer API.

This repository provides a writeup and setup instructions for exploiting CVE-2019-7609, a prototype pollution vulnerability in Kibana's Timelion visualizer that can lead to RCE or DoS. It includes references to external sources and debugging setup but lacks actual exploit code.

This is a Python-based exploit for CVE-2019-7609, targeting Kibana versions before 6.6.1. It achieves remote code execution (RCE) by exploiting a vulnerability in the Timelion API to inject a reverse shell payload.

This PoC exploits CVE-2019-7609, a remote code execution vulnerability in Kibana versions < 5.6.15 and < 6.6.1. It leverages the Timelion API to inject malicious payloads, achieving RCE via prototype pollution and command execution.

This repository contains a working proof-of-concept exploit for CVE-2019-7609, demonstrating prototype pollution in Kibana's Timelion visualizer leading to arbitrary code execution. The exploit leverages Node.js child process spawning with manipulated environment variables to achieve RCE.

This repository contains a functional Python exploit for CVE-2019-7609, a remote code execution vulnerability in Kibana versions < 6.6.1. The exploit leverages the Timelion API to inject malicious payloads, achieving RCE via a reverse shell.

This repository contains a functional Python exploit for CVE-2019-7609, a remote code execution vulnerability in Kibana versions < 5.6.15 and < 6.6.1. The exploit leverages the Timelion API to inject malicious payloads, achieving RCE via prototype pollution and environment variable manipulation.

This repository provides a Docker lab setup and payloads for exploiting CVE-2019-7609, a prototype pollution vulnerability in Kibana that leads to remote code execution via the Timelion visualizer.

This repository contains a Python 3-compatible exploit for CVE-2019-7609, a remote code execution vulnerability in Kibana versions < 6.6.1. The exploit leverages the Timelion API to inject malicious payloads and achieve reverse shell access.

This Metasploit module exploits a prototype pollution vulnerability in Kibana's Timelion visualizer (CVE-2019-7609) to achieve remote code execution. It injects malicious payloads via the Timelion API, leveraging environment variable manipulation to execute arbitrary commands.

This repository contains a functional Python3 exploit for CVE-2019-7609, a prototype pollution vulnerability in Kibana < 6.6.1 that allows remote code execution. The exploit includes version detection, vulnerability verification, and an optional reverse shell payload.