Jupyter Notebook Unauthorized Access To Remote Command Execution Vulnerability
Jupyter Notebook Unauthorized Access To Remote Command Execution Vulnerability
Jupyter Notebook Unauthorized Access to Remote Command Execution Vulnerability
Vulnerability Description
Jupyter Notebook (formerly known as IPython notebook) is an interactive notebook that supports running over 40 programming languages.
If the administrator does not configure a password for the Jupyter Notebook, an unauthorized access vulnerability can be created where the visitor can create a console and execute arbitrary Python code and commands.
Vulnerability Impact
Jupyter Notebook
Network surveying and mapping
app=”Jupyter-Notebook” && body=”Terminal”
Vulnerability reappears
Visit the target, click Terminal to open the command line interface
Execute the command and bounce the shell
This post is licensed under CC BY 4.0 by the author.