CVE-2024-34069

HIGH

Werkzeug < 3.0.3 - Remote Code Execution via Debugger PIN Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-34069. Includes Metasploit module exploits/multi/http/werkzeug_debug_rce.

AI-analyzed exploit summary This Metasploit module exploits the Werkzeug debug console to achieve remote code execution by generating or using known authentication cookies/PINs. It targets misconfigured production environments where the debugger is enabled.

Description

Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3.

Exploits (1)

metasploit WORKING POC GOOD

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/werkzeug_debug_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits the Werkzeug debug console to achieve remote code execution by generating or using known authentication cookies/PINs. It targets misconfigured production environments where the debugger is enabled.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Werkzeug (Flask, Django, or standalone) versions 3.0.3, 1.1.4, 1.0.1, 0.11.5, and 0.10

Auth required

Prerequisites: Debugger enabled in production · Network access to the target · Optional: Known PIN/cookie or system details for PIN generation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ/

Third Party Advisory

https://security.netapp.com/advisory/ntap-20240614-0004/

Mailing List, Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/02/msg00026.html

Vendor Advisory x_refsource_confirm

https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985

Patch x_refsource_misc

https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692

View Patch ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.4365

EPSS Percentile 97.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-352

Status published

Products (5)

debian/debian_linux 11.0

fedoraproject/fedora 38

fedoraproject/fedora 40

palletsprojects/werkzeug < 3.0.3

pypi/Werkzeug 0 - 3.0.3PyPI

Published May 06, 2024

Tracked Since Feb 18, 2026