Skip to content

Commit 2ce0a7a

Browse files
h4x-x0rh4x-x0r
committed
v7.15 Support added
Updated to work with v7.15 too.
1 parent 6dbb264 commit 2ce0a7a

File tree

2 files changed

+6
-4
lines changed

2 files changed

+6
-4
lines changed

documentation/modules/exploit/multi/misc/calibre_exec.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,12 @@
22

33
**Vulnerability Description**
44

5-
This module exploits a vulnerability in Calibre <= v6.9.0 - v7.14.0 (CVE-2024-6782).
5+
This module exploits a vulnerability in Calibre <= v6.9.0 - v7.15.0 (CVE-2024-6782).
66

77
An unauthenticated remote attacker can exploit this vulnerability to gain arbitrary code execution in the context of which Calibre is being
88
executed.
99

10-
All versions between v6.9.0 - v7.14.0 are affected. STAR Labs published [an advisory](https://starlabs.sg/advisories/24/24-6782/) that
10+
All versions between v6.9.0 - v7.15.0 are affected. STAR Labs published [an advisory](https://starlabs.sg/advisories/24/24-6782/) that
1111
includes the root cause analysis and a proof-of-concept.
1212

1313
**Vulnerable Application Installation**
@@ -17,12 +17,14 @@ Calibre can be downloaded from [here](https://download.calibre-ebook.com/).
1717
**Successfully tested on**
1818

1919
Windows:
20+
- Calibre v7.15 on Windows 10 22H2
2021
- Calibre v7.14 on Windows 10 22H2
2122
- Calibre v7.0 on Windows 10 22H2
2223
- Calibre v6.29 on Windows 10 22H2
2324
- Calibre v6.9 on Windows 10 22H2
2425

2526
Linux:
27+
- Calibre v7.15 on Ubuntu 24.04 LTS
2628
- Calibre v7.14 on Ubuntu 24.04 LTS
2729
- Calibre v7.0 on Ubuntu 24.04 LTS
2830
- Calibre v6.29 on Ubuntu 24.04 LTS

modules/exploits/multi/misc/calibre_exec.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ def initialize(info = {})
99
info,
1010
'Name' => 'Calibre Python Code Injection (CVE-2024-6782)',
1111
'Description' => %q{
12-
This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.14.0. Once enabled (disabled by default), it will listen in its default configuration on all network interfaces on TCP port 8080 for incoming traffic, and does not require any authentication. The injected payload will get executed in the same context under which Calibre is being executed.
12+
This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.15.0. Once enabled (disabled by default), it will listen in its default configuration on all network interfaces on TCP port 8080 for incoming traffic, and does not require any authentication. The injected payload will get executed in the same context under which Calibre is being executed.
1313
},
1414
'License' => MSF_LICENSE,
1515
'Author' => [
@@ -93,7 +93,7 @@ def check
9393
vprint_status('Version retrieved: ' + version[1].to_s)
9494
end
9595

96-
if Rex::Version.new(version[1]) <= Rex::Version.new('7.14.0') && Rex::Version.new(version[1]) >= Rex::Version.new('6.9.0')
96+
if Rex::Version.new(version[1]) <= Rex::Version.new('7.15.0') && Rex::Version.new(version[1]) >= Rex::Version.new('6.9.0')
9797
return CheckCode::Appears
9898
else
9999
return CheckCode::Safe

0 commit comments

Comments
 (0)