Datarobot - Remote Code Execution

Read Time:23 Second

Posted by Michael Coers on Feb 18

Exploit Title: Datarobot — Remote Code Execution
Date: 9/28/2021
Vendor Homepage: https://www.datarobot.com
Software Link: https://app.datarobot.com/
Version: TBD – awaiting build version from vendor
Tested on: The issue affects all versions of the product up to the date of this submission
Exploit Authors: Mike Coers & Pathfynder Inc
Exploit Contact: sm0key a t dnsfiltrate_io & micheal.coers a t pathfynder dot_io
Exploit Technique:…

GitPython-3.1.18-3.el8

FEDORA-EPEL-2025-106950fd79 Packages in this update: GitPython-3.1.18-3.el8 Update description: Backport upstream patches to fix CVE-2023-41040 Read More

April 16, 2025

LSN-0111-1: Kernel Live Patch Security Notice

It was discovered that the watch_queue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this...

April 16, 2025

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

FEDORA-2025-2280949271 Packages in this update: golang-github-openprinting-ipp-usb-0.9.30-4.fc40 Update description: rebuild with new golang to fix CVE-2025-22870 (fedora#2352013) Read More

April 16, 2025

mingw-libsoup-2.74.3-11.fc41

FEDORA-2025-bd12d23d21 Packages in this update: mingw-libsoup-2.74.3-11.fc41 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc42

FEDORA-2025-c4605302b8 Packages in this update: mingw-libsoup-2.74.3-11.fc42 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc40

FEDORA-2025-67e824b908 Packages in this update: mingw-libsoup-2.74.3-11.fc40 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

CVE Program Almost Unfunded

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

92% of Mobile Apps Found to Use Insecure Cryptographic Methods

Insurance firm Lemonade warns of breach of thousands of driving license numbers

Scalper Bots Fueling DVSA Driving Test Black Market

Chaos Reins as MITRE Set to Cease CVE and CWE Operations

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

Cybersecurity Warrior Mindset

Datarobot — Remote Code Execution

GitPython-3.1.18-3.el8

LSN-0111-1: Kernel Live Patch Security Notice

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

mingw-libsoup-2.74.3-11.fc41

mingw-libsoup-2.74.3-11.fc42

mingw-libsoup-2.74.3-11.fc40