CVE-2022-24706

This exploit leverages the Erlang Distribution Protocol to achieve remote code execution on Apache CouchDB 3.2.1 and below by authenticating with a default cookie and sending crafted commands. It interacts with the EPMD port to discover nodes and then executes arbitrary commands via the Erlang port.

This is a functional exploit for CVE-2022-24706, targeting Apache CouchDB 3.2.1 and below via the Erlang Distribution Protocol. It leverages the default Erlang cookie to achieve remote code execution by sending crafted messages to the EPMD and Erlang ports.

This repository contains a README.md file referencing a blog post about CVE-2022-24706, an RCE vulnerability in Apache CouchDB. No exploit code or technical details are provided in the repository itself.

This repository provides an Nmap NSE script to check for CVE-2022-24706, a Remote Code Execution (RCE) vulnerability in Apache CouchDB 3.2.1. The script scans for the vulnerability but does not include an exploit payload.

The repository contains only a README.md file with minimal information about CVE-2022-24706, lacking any exploit code or technical details. No functional PoC or exploit logic is present.

This repository contains a functional Go-based exploit for CVE-2022-24706, targeting Apache CouchDB's Erlang distribution protocol for remote command execution. The PoC interacts with EPMD to discover the Erlang port, performs authentication using the default cookie, and sends crafted commands.

This Metasploit module exploits CVE-2022-24706, an authentication bypass in Apache CouchDB prior to 3.2.2, by leveraging the default Erlang cookie 'monster' to execute arbitrary commands via the Erlang distribution protocol.