Main Vulnerability Database Exploits ID:11862 - Exploit for Improper authentication in Cobbler - CVE-2024-47533

ID:11862 - Exploit for Improper authentication in Cobbler - CVE-2024-47533

Published: August 22, 2025

Vulnerability identifier: #VU100775

Vulnerability risk: High

CVE-ID: CVE-2024-47533

CWE-ID: CWE-287

Exploitation vector: Remote access

Vulnerable software:
Cobbler

Link to public exploit:

https://github.com/baph00met/CVE-2024-47533

Vulnerability description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the authentication process within the utils.get_shared_secret(), which always returns the "-1" value and as a result allows anyone to connect to the XML-RPC interface as user `''` password "-1". A remote attacker can bypass authentication process and perform arbitrary changes in the application.

Remediation

Install updates from vendor's website.

ID:11862 - Exploit for Improper authentication in Cobbler - CVE-2024-47533

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human