CVE-2024-24590

This repository contains a functional Python exploit for CVE-2024-24590, which leverages malicious pickle file uploads in ClearML to achieve remote code execution (RCE). The exploit supports both reverse shell and custom command execution modes, demonstrating the vulnerability's impact.

This repository contains a functional Python exploit for CVE-2024-24590, leveraging pickle deserialization in ClearML to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload that executes a reverse shell when deserialized by a target ClearML instance.

This repository contains a functional Python exploit for CVE-2024-24590, leveraging pickle deserialization in ClearML to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload that, when deserialized by a victim, executes a reverse shell to an attacker-controlled server.

This repository contains a functional exploit for CVE-2024-24590, leveraging ClearML's artifact upload feature to execute arbitrary commands via a malicious pickle file. The exploit establishes a reverse shell by dynamically configuring command execution parameters through command-line arguments.

This repository contains a functional exploit for CVE-2024-24590, leveraging improper deserialization in ClearML to achieve remote code execution via a malicious Pickle file. The exploit crafts a reverse shell payload and uploads it as an artifact to trigger execution.

This repository contains a functional exploit for CVE-2024-24590, leveraging deserialization of untrusted data in Allegro AI’s ClearML client SDK (versions 0.17.0 to 1.14.2). The exploit uploads a malicious pickle artifact to execute a reverse shell via a crafted `__reduce__` method.

This repository contains a functional exploit for CVE-2024-24590, a deserialization vulnerability in ClearML. The exploit uploads a malicious pickle artifact to achieve remote command execution via a reverse shell.