aaronxu/vulhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
63285f61aaf4501a6660be7dfe98c70135c1b89b
vulhub/jupyter/notebook-rce
History
Aaron 63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Details
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Details
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Details
Vulhub Docker Image CI / images-test (push) Has been cancelled
Details
first commit
2025-09-06 16:08:15 +08:00
..
1.png
first commit
2025-09-06 16:08:15 +08:00
2.png
first commit
2025-09-06 16:08:15 +08:00
docker-compose.yml
first commit
2025-09-06 16:08:15 +08:00
README.md
first commit
2025-09-06 16:08:15 +08:00
README.zh-cn.md
first commit
2025-09-06 16:08:15 +08:00

README.md

Jupyter Notebook Unauthorized Access

中文版本(Chinese version)

The Jupyter Notebook (previous IPython notebook) is a web-based interactive computing platform.

If the administrator doesn't configure a password for Jupyter Notebook, this will lead to an unauthorized access vulnerability where attackers can create a console and execute arbitrary Python code and commands.

Vulnerable environment

Execute following command to start a Jupyter Notebook server:

docker compose up -d

After the server is started, you can see the index of Jupyter Notebook on http://your-ip:8888.

Vulnerability Reproduce

Click "New" -> "Terminal" to create a console:

Execute arbitrary commands in this console: