漏洞描述 Jupyter Notebook(此前被称为 IPython notebook)是一个交互式笔记本,支持运行 40 多种编程语言。如果管理员未为JupyterNotebook配置密码,将导致未授权访问漏洞,游客可在其中创建一个console并执行任意Python代码和命令。
相关漏洞推荐 POCjupyter-notebook-rce: Jupyter Notebook RCE POCjupyter-notebooks-exposed: Jupyter notebooks exposed to reading and writing POCjupyter-notebook-rce: Jupyter Notebook - Remote Command Execution 无POCJupyter Notebook 弱口令漏洞 无POCWindows Visual Studio Code Jupyter Notebook 远程代码执行漏洞