CVE-2024-24590

HIGH

Allegro AI's ClearML <1.14.2 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 7 public exploits for CVE-2024-24590. PoCs published by diegogarciayala, rippxsec, rippsec.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2024-24590, which leverages malicious pickle file uploads in ClearML to achieve remote code execution (RCE). The exploit supports both reverse shell and custom command execution modes, demonstrating the vulnerability's impact.

Description

Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.

Exploits (7)

nomisec WORKING POC 9 stars
by diegogarciayala · poc
https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC

This repository contains a functional Python exploit for CVE-2024-24590, which leverages malicious pickle file uploads in ClearML to achieve remote code execution (RCE). The exploit supports both reverse shell and custom command execution modes, demonstrating the vulnerability's impact.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML (version not specified)
Auth required
Prerequisites: ClearML SDK installed · Valid ClearML credentials · Network access to ClearML server
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC 6 stars
by rippxsec · poc
https://github.com/rippxsec/CVE-2024-24590-ClearML-RCE-Exploit

This repository contains a functional Python exploit for CVE-2024-24590, leveraging pickle deserialization in ClearML to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload that, when deserialized by a victim, executes a reverse shell to an attacker-controlled server.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML
Auth required
Prerequisites: ClearML environment configured · Victim must deserialize the malicious pickle payload · Network connectivity to attacker's listener
devstral-2 · analyzed Feb 23, 2026 Full analysis →
nomisec WORKING POC 6 stars
by rippsec · poc
https://github.com/rippsec/CVE-2024-24590-ClearML-RCE-Exploit

This repository contains a functional Python exploit for CVE-2024-24590, leveraging pickle deserialization in ClearML to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload that executes a reverse shell when deserialized by a target ClearML instance.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML (version not specified)
Auth required
Prerequisites: ClearML instance accessible to the attacker · Valid ClearML project name · Network connectivity to the target · User interaction to deserialize the payload
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC 6 stars
by OxyDeV2 · poc
https://github.com/OxyDeV2/ClearML-CVE-2024-24590

This repository contains a functional exploit for CVE-2024-24590, leveraging ClearML's artifact upload feature to execute arbitrary commands via a malicious pickle file. The exploit establishes a reverse shell by dynamically configuring command execution parameters through command-line arguments.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML (version not specified)
Auth required
Prerequisites: ClearML account with task creation privileges · Network access to the target ClearML instance · Python environment with 'clearml' package installed
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC 4 stars
by sviim · poc
https://github.com/sviim/ClearML-CVE-2024-24590-RCE

This repository contains a functional exploit for CVE-2024-24590, leveraging improper deserialization in ClearML to achieve remote code execution via a malicious Pickle file. The exploit crafts a reverse shell payload and uploads it as an artifact to trigger execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML
Auth required
Prerequisites: ClearML library installed · Valid project name for task initialization · Network access to the target ClearML server
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC 1 stars
by junnythemarksman · poc
https://github.com/junnythemarksman/CVE-2024-24590

This repository contains a functional exploit for CVE-2024-24590, leveraging deserialization of untrusted data in Allegro AI’s ClearML client SDK (versions 0.17.0 to 1.14.2). The exploit uploads a malicious pickle artifact to execute a reverse shell via a crafted `__reduce__` method.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Allegro AI ClearML client SDK (0.17.0 to 1.14.2)
Auth required
Prerequisites: Valid ClearML credentials · Existing project in ClearML · Network access to the listener
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC
by j3r1ch0123 · poc
https://github.com/j3r1ch0123/CVE-2024-24590

This repository contains a functional exploit for CVE-2024-24590, a deserialization vulnerability in ClearML. The exploit uploads a malicious pickle artifact to achieve remote command execution via a reverse shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ClearML
Auth required
Prerequisites: ClearML instance · Python 3.8+ · clearml library installed · valid ClearML credentials
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 8.0
EPSS 0.0245
EPSS Percentile 82.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-502
Status published
Products (2)
clear/clearml 0.17.0 - 1.14.2
pypi/clearml 0.17.0PyPI
Published Feb 06, 2024
Tracked Since Feb 18, 2026