This Metasploit module exploits a SQL injection vulnerability in RudderStackâs rudder-server, an open source Customer Data Platform (CDP). The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may lead to remote code execution due to the rudder role in PostgreSQL having superuser permissions by default.Read More
Rudder Server SQL Injection / Remote Code Execution Exploit
