CVE-2024-27348 is a critical Remote Command Execution (RCE) vulnerability in Apache HugeGraph Server, a popular graph database system. The flaw resides in the Gremlin traversal language interface, which allows users to interact with the graph database. An attacker can exploit this vulnerability by sending specially crafted requests to the Gremlin server, potentially gaining the ability to bypass the sandbox and execute arbitrary code on the underlying system.

To mitigate this risk, the Apache Software Foundation recommends users to upgrade to HugeGraph version 1.3.0 or later and ensure it runs on Java 11. Additionally, implementing the built-in authentication system and configuring the "Whitelist-IP/port" function can help restrict access and improve security​.

python3 exploit.py -t http://<target_host>:<target_port> -c "<cmd>"

Detection script:

python detect.py --target http://<target_host> --port <target_port> --domain <your_domain>

This exploit script has been created solely for research and the development of effective defensive techniques. It is not intended to be used for any malicious or unauthorized activities. The script's author and owner disclaim any responsibility or liability for any misuse or damage caused by this software. Just so you know, users are urged to use this software responsibly and only by applicable laws and regulations. Use responsibly.