CVE-2024-55964

CRITICAL

Appsmith < 1.52 - Authenticated Remote Code Execution via PostgreSQL Datasource Query

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-55964. PoCs published by Whit Taylor (Rhino Security Labs), Takahiro Yokoyama, including Metasploit module exploits/linux/http/appsmith_rce_cve_2024_55964.

AI-analyzed exploit summary This Metasploit module exploits an incorrectly configured PostgreSQL instance in Appsmith to achieve remote command execution inside the Docker container. It automates user signup, workspace access, and PostgreSQL plugin manipulation to execute arbitrary commands via the COPY FROM PROGRAM feature.

Description

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that datasource, and execute that query.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Whit Taylor (Rhino Security Labs), Takahiro Yokoyama · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/appsmith_rce_cve_2024_55964.rb

View Code ZIP pw:eip

This Metasploit module exploits an incorrectly configured PostgreSQL instance in Appsmith to achieve remote command execution inside the Docker container. It automates user signup, workspace access, and PostgreSQL plugin manipulation to execute arbitrary commands via the COPY FROM PROGRAM feature.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Appsmith versions 1.20 to 1.51

No auth needed

Prerequisites: Network access to Appsmith instance on port 443 · PostgreSQL plugin available in the target environment

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory

https://github.com/appsmithorg/appsmith/security/advisories/GHSA-m95x-4w54-gc83

Scores

CVSS v3 9.8

EPSS 0.0620

EPSS Percentile 92.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-94

Status published

Products (1)

appsmith/appsmith < 1.52

Published Mar 26, 2025

Tracked Since Feb 18, 2026