Exploitation Summary
CVE-2022-24706 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added August 25, 2022.
EIP tracks 7 public exploits from researchers including Konstantin Burov, sadshade, ahmetsabrimert, including a Metasploit module exploits/multi/http/apache_couchdb_erlang_rce.
A Nuclei detection template is also available.
AI-analyzed exploit summary This exploit leverages the Erlang Distribution Protocol to achieve remote code execution on Apache CouchDB 3.2.1 and below by authenticating with a default cookie and sending crafted commands. It interacts with the EPMD port to discover nodes and then executes arbitrary commands via the Erlang port.
Description
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations.
Exploits (7)
This exploit leverages the Erlang Distribution Protocol to achieve remote code execution on Apache CouchDB 3.2.1 and below by authenticating with a default cookie and sending crafted commands. It interacts with the EPMD port to discover nodes and then executes arbitrary commands via the Erlang port.
This is a functional exploit for CVE-2022-24706, targeting Apache CouchDB 3.2.1 and below via the Erlang Distribution Protocol. It leverages the default Erlang cookie to achieve remote code execution by sending crafted messages to the EPMD and Erlang ports.
This repository contains a README.md file referencing a blog post about CVE-2022-24706, an RCE vulnerability in Apache CouchDB. No exploit code or technical details are provided in the repository itself.
This repository provides an Nmap NSE script to check for CVE-2022-24706, a Remote Code Execution (RCE) vulnerability in Apache CouchDB 3.2.1. The script scans for the vulnerability but does not include an exploit payload.
The repository contains only a README.md file with minimal information about CVE-2022-24706, lacking any exploit code or technical details. No functional PoC or exploit logic is present.
This repository contains a functional Go-based exploit for CVE-2022-24706, targeting Apache CouchDB's Erlang distribution protocol for remote command execution. The PoC interacts with EPMD to discover the Erlang port, performs authentication using the default cookie, and sends crafted commands.
This Metasploit module exploits CVE-2022-24706, an authentication bypass in Apache CouchDB prior to 3.2.2, by leveraging the default Erlang cookie 'monster' to execute arbitrary commands via the Erlang distribution protocol.
Nuclei Templates (1)
product:"CouchDB" || product:"couchdb" || cpe:"cpe:2.3:a:apache:couchdb"
References (11)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H