CVE-2024-57609

HIGH

Kanaries Inc Pygwalker <0.4.9.9 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-57609. PoCs published by Mr-UN533N, str4ng3r-0x7.

AI-analyzed exploit summary: This repository demonstrates an open redirect vulnerability in Kanaries by manipulating the `redirect_path` parameter during the login process. The PoC shows how an attacker can redirect users to arbitrary malicious sites by modifying the URL parameter.

Description

An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive information and execute arbitrary code via the redirect_path parameter of the login redirection function.

Exploits (2)

nomisec WORKING POC
by Mr-UN533N · poc
https://github.com/Mr-UN533N/CVE-2024-57609


Classification: Working PoC (90%)
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Kanaries (version not specified)
Auth: No auth needed
Prerequisites: User interaction required to click on a malicious link
devstral-2 · analyzed Mar 15, 2026
nomisec WRITEUP
by str4ng3r-0x7 · poc
https://github.com/str4ng3r-0x7/CVE-2024-57609

This repository documents an open redirect vulnerability in Kanaries, where the `redirect_path` parameter in the login flow can be manipulated to redirect users to arbitrary domains. The PoC demonstrates the issue but does not include exploit code.

Classification: Writeup (90%)
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Kanaries (version unspecified)
Auth: No auth needed
Prerequisites: Access to the Kanaries login page · Ability to modify the `redirect_path` parameter
devstral-2 · analyzed Feb 16, 2026


Scores

CVSS v3 8.6
EPSS 0.0065
EPSS Percentile 46.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Published Feb 06, 2025
Tracked Since Feb 18, 2026