CVE-2023-30625
HIGH | EXPLOITED | NUCLEI
Rudder Server SQLi Remote Code Execution
Title source: metasploit
Description
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. The issue can be escalated to Remote Code Execution (RCE) because the `rudder` role in PostgreSQL has superuser permissions by default, so a successful injection runs with full database-server privileges. Version 1.3.0-rc.1 contains patches for this issue.
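The escalation path the advisory describes depends on the database role rudder-server connects as being a PostgreSQL superuser. The following is an added example, not code from the advisory or from the RudderStack project: it audits that role and shows the least-privilege alternative. The role name `rudder` comes from the advisory; the database name `rudderdb` and the replacement role `rudder_app` are assumptions for illustration.

```sql
-- Added example (not from the advisory or the RudderStack project).
-- Role name `rudder` is taken from the advisory; `rudderdb` and `rudder_app` are assumed names.

-- 1. Audit: is the application role a superuser, or a member of the predefined
--    roles that allow server-side file access and program execution?
SELECT rolname,
       rolsuper,
       rolcreaterole,
       rolcreatedb,
       pg_has_role('rudder', 'pg_execute_server_program', 'member') AS can_exec_program,
       pg_has_role('rudder', 'pg_read_server_files',      'member') AS can_read_files,
       pg_has_role('rudder', 'pg_write_server_files',     'member') AS can_write_files
FROM pg_roles
WHERE rolname = 'rudder';
-- On a hardened install every boolean column above should be false (f).

-- 2a. Remediation for an existing deployment: strip the superuser and
--     administrative attributes from the role rudder-server already uses.
ALTER ROLE rudder NOSUPERUSER NOCREATEROLE NOCREATEDB NOBYPASSRLS;

-- 2b. Alternative: create a dedicated, non-superuser login for the application
--     that only owns its own database. Replace the placeholder password before use.
CREATE ROLE rudder_app LOGIN PASSWORD 'change-me'
    NOSUPERUSER NOCREATEROLE NOCREATEDB NOBYPASSRLS;
GRANT ALL PRIVILEGES ON DATABASE rudderdb TO rudder_app;

-- 3. Re-run the audit query for the role in use; with superuser removed, an
--    injection is confined to the application's own tables instead of the host.
```

Run the audit as a database administrator against the instance rudder-server points at; the remediation is defence in depth and does not replace upgrading to 1.3.0-rc.1 or later, which fixes the injection itself.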
Exploits (1)
metasploit
WORKING POC
EXCELLENT
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rudder_server_sqli_rce.rb
Nuclei Templates (1)
Rudder Server < 1.3.0-rc.1 - SQL Injection
HIGH
by gy741
References (8)
Scores
CVSS v3
8.8
EPSS
0.8819
EPSS Percentile
99.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-12-04
CWE
CWE-89
Status
published
Products (2)
rudderlabs/rudder-server
0 - 1.3.0-rc.1 (Go)
rudderstack/rudder-server
< 1.2.5
Published
Jun 16, 2023
Tracked Since
Feb 18, 2026