CVE-2021-43857

CRITICAL

Gerapy < 0.9.8 - Remote Code Execution


Exploitation Summary

EIP tracks 6 public exploits for CVE-2021-43857. PoCs published by Jeremiasz Pluta, lowkey0808, afifudinmtop.

AI-analyzed exploit summary: This exploit demonstrates an authenticated RCE vulnerability in Gerapy versions prior to 0.9.8. It logs in, retrieves project details, and executes a reverse shell payload via a crafted API request.

Description

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.

Exploits (6)

exploitdb · WORKING POC
by Jeremiasz Pluta · python · remote · python
https://www.exploit-db.com/exploits/50640

This exploit demonstrates an authenticated RCE vulnerability in Gerapy versions prior to 0.9.8. It logs in, retrieves project details, and executes a reverse shell payload via a crafted API request.

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gerapy < 0.9.8
Auth required
Prerequisites: Valid credentials for Gerapy · Network access to the target · Netcat or similar listener for reverse shell
devstral-2 · analyzed Feb 18, 2026

nomisec · WORKING POC · 1 star
by lowkey0808 · poc
https://github.com/lowkey0808/CVE-2021-43857

This PoC exploits CVE-2021-43857, a command injection vulnerability in Gerapy, by authenticating with provided credentials and injecting a reverse shell payload into the 'spider' parameter of the '/api/project/robots/parse' endpoint.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Gerapy (version not specified)
Auth required
Prerequisites: Valid credentials for the target Gerapy instance · Network access to the target · Listener set up for reverse shell
devstral-2 · analyzed Feb 16, 2026

nomisec · WORKING POC
by afifudinmtop · poc
https://github.com/afifudinmtop/CVE-2021-43857-Gerapy-v0.9.7

This exploit targets CVE-2021-43857, a remote code execution vulnerability in Gerapy versions prior to 0.9.8. It authenticates as an admin user, retrieves project details, and executes a reverse shell payload via a crafted API request.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gerapy < 0.9.8
Auth required
Prerequisites: Valid admin credentials · Network access to the target · Netcat or similar listener set up
devstral-2 · analyzed Feb 16, 2026

nomisec · WORKING POC
by ProwlSec · poc
https://github.com/ProwlSec/gerapy-cve-2021-43857

This is a functional exploit for CVE-2021-43857, an authenticated RCE vulnerability in Gerapy < 0.9.8. It automates login, project creation, and delivers a reverse shell payload via command injection in the spider field.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gerapy < 0.9.8
Auth required
Prerequisites: Network access to target · Default or known credentials · Netcat installed on attacker machine
devstral-2 · analyzed Feb 16, 2026

nomisec · WORKING POC
by G4sp4rCS · poc
https://github.com/G4sp4rCS/CVE-2021-43857-POC

This PoC exploits CVE-2021-43857 in Gerapy < 0.9.8 by authenticating, fetching a project, and triggering a reverse shell via command injection in the spider field. It uses a netcat listener for the payload.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gerapy < 0.9.8
Auth required
Prerequisites: Valid credentials · Network access to target · Netcat installed on attacker machine
devstral-2 · analyzed Feb 16, 2026

inthewild · WORKING POC
poc
https://github.com/longwayhomie/cve-2021-43857

This repository contains a functional exploit for CVE-2021-43857, a remote code execution vulnerability in Gerapy versions prior to 0.9.8. The exploit authenticates to the application, retrieves project details, and executes a reverse shell payload via the vulnerable spider mechanism.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gerapy < 0.9.8
Auth required
Prerequisites: Valid credentials · Existing project in the target application
devstral-2 · analyzed Feb 23, 2026

References (4)

Core References (4)
Issue Tracking, Third Party Advisory (x_refsource_misc): https://github.com/Gerapy/Gerapy/issues/219

Scores

CVSS v3 9.8
EPSS 0.4249
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-78
Status: published
Products (2):
gerapy/gerapy < 0.9.8
pypi/gerapy 0 - 0.9.8 (PyPI)
Published: Dec 27, 2021
Tracked Since: Feb 18, 2026