CVE-2023-39593

MEDIUM

MariaDB - Authenticated Command Injection via sys_exec Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-39593. PoCs published by Ant1sec-ops.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-39593, leveraging MariaDB's User-Defined Function (UDF) feature to achieve remote code execution. The exploit involves uploading a malicious DLL via base64 encoding and executing system commands through a custom UDF function.

Description

Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.

Exploits (1)

nomisec WORKING POC 2 stars
by Ant1sec-ops · poc
https://github.com/Ant1sec-ops/CVE-2023-39593

This repository contains a functional exploit for CVE-2023-39593, leveraging MariaDB's User-Defined Function (UDF) feature to achieve remote code execution. The exploit involves uploading a malicious DLL via base64 encoding and executing system commands through a custom UDF function.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MariaDB 10.5
Auth required
Prerequisites: Authenticated access to MariaDB · Privileges to create and load UDFs · Access to the plugin directory
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory
https://github.com/Ant1sec-ops/CVE-2023-39593

Scores

CVSS v3 5.6
EPSS 0.0073
EPSS Percentile 49.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (1)
mariadb/mariadb 10.5.0
Published Oct 17, 2024
Tracked Since Feb 18, 2026