A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver.
Exploit Title: Datarobot -- Remote Code Execution
Date: 9/28/2021
Vendor Homepage: wwwdatarobotcom
Software Link: appdatarobotcom/
Version: TBD - awaiting build version from vendor
Tested on: The issue affects all versions of the product up to the date of this submission
Exploit Authors: Mike Coers & Pathfynder Inc
Exploit C ...