CVE-2024-25723

HIGH NUCLEI

ZenML ZenML Server - Improper Authentication

Title source: nuclei

Description

ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4, 0.43.1, and 0.42.2.

Exploits (1)

nomisec WORKING POC 4 stars

by david-botelho-mariano · poc

https://github.com/david-botelho-mariano/exploit-CVE-2024-25723

View Code ZIP pw:eip

Nuclei Templates (1)

ZenML ZenML Server - Improper Authentication

CRITICALVERIFIEDby David Botelho Mariano

Shodan: http.favicon.hash:-2028554187

FOFA: body="ZenML"

References (5)

[Product] https://github.com/zenml-io/zenml

[Product] https://github.com/zenml-io/zenml/compare/0.42.1...0.42.2

[Product] https://github.com/zenml-io/zenml/compare/0.43.0...0.43.1

[Product] https://github.com/zenml-io/zenml/compare/0.44.3...0.44.4

[Vendor Advisory] https://www.zenml.io/blog/critical-security-update-for-zenml-users

Scores

CVSS v3 8.8

EPSS 0.8684

EPSS Percentile 99.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-284

Status published

Products (3)

pypi/zenml 0 - 0.42.2PyPI

zenml/zenml 0.43.0

zenml/zenml < 0.42.2

Published Feb 27, 2024

Tracked Since Feb 18, 2026