Metasploit | Penetration Testing Software, Pen Testing Security

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Title	Date	Author
Land #19255, Add SolarWinds Serv-U aux module This module exploits an unauthenticated file read vulnerability, due to directory traversal, affecting SolarWinds Serv-U FTP Server 15.4, Serv-U Gateway 15.4, and Serv-U MFT Server 15.4. All versions prior to the vendor supplied hotfix "15.4.2 Hotfix 2" (version 15.4.2.157) are affected.	Jun 19, 2024	jheysel-r7
Land #19176, Add missing Arch parameter Adding Arch parameter to dnn_cookie_deserialization_rce module	Jun 18, 2024	smcintyre-r7
Land #19253, Corrected a mistaken CVE Corrected a mistaken CVE-ID in exploit references.	Jun 18, 2024	smcintyre-r7
Land #18829, Allow multiple HttpServers in module Adding multiple HttpServer services in a module is sometimes complex since they share the same methods. This usually this causes issues where on_request_uri needs to be overridden to handle requests coming from each service. This updates the cmdstager and the Java HTTP ClassLoader mixins, since these are commonly used in the same module. This also updates the manageengine_servicedesk_plus_saml_rce_cve_2022_47966 module to make use of these new changes	Jun 18, 2024	jheysel-r7
Land #19247, PHP CGI Arg injection RCE XAMPP installs running on Windows system configured to use Japanese or Chinese (simplified or traditional) locales are vulnerable to a PHP CGI argument injection vulnerability. This exploit module returns a session running in the context of the Administrator user	Jun 17, 2024	jheysel-r7
Land #19249, Apache OFBiz Directory Traversal RCE Apache OFBiz Directory Traversal RCE [CVE-2024-32113]	Jun 17, 2024	smcintyre-r7

Title

Date

Author

Land #19255, Add SolarWinds Serv-U aux module This module exploits an unauthenticated file read vulnerability, due to directory traversal, affecting SolarWinds Serv-U FTP Server 15.4, Serv-U Gateway 15.4, and Serv-U MFT Server 15.4. All versions prior to the vendor supplied hotfix "15.4.2 Hotfix 2" (version 15.4.2.157) are affected.

Jun 19, 2024

jheysel-r7

Land #19176, Add missing Arch parameter Adding Arch parameter to dnn_cookie_deserialization_rce module

Jun 18, 2024

smcintyre-r7

Land #19253, Corrected a mistaken CVE Corrected a mistaken CVE-ID in exploit references.

Jun 18, 2024

smcintyre-r7

Land #18829, Allow multiple HttpServers in module Adding multiple HttpServer services in a module is sometimes complex since they share the same methods. This usually this causes issues where on_request_uri needs to be overridden to handle requests coming from each service. This updates the cmdstager and the Java HTTP ClassLoader mixins, since these are commonly used in the same module. This also updates the manageengine_servicedesk_plus_saml_rce_cve_2022_47966 module to make use of these new changes

Jun 18, 2024

jheysel-r7

Land #19247, PHP CGI Arg injection RCE XAMPP installs running on Windows system configured to use Japanese or Chinese (simplified or traditional) locales are vulnerable to a PHP CGI argument injection vulnerability. This exploit module returns a session running in the context of the Administrator user

Jun 17, 2024

jheysel-r7

Land #19249, Apache OFBiz Directory Traversal RCE Apache OFBiz Directory Traversal RCE [CVE-2024-32113]

Jun 17, 2024

smcintyre-r7

Latest Pull Requests

Name	Labels	Author
Fix the powershell_base64 encoder	rn-fix	zeroSteiner
Update windows acceptance tests	rn-no-release-notes	adfoster-r7
Update linting Ruby version	rn-no-release-notes	adfoster-r7
Update docs ruby version	rn-no-release-notes	adfoster-r7
Fix warnings in acceptance tests	rn-fix	adfoster-r7
Add auxiliary module for SolarWinds Serv-U directory transversal vulnerability (CVE-2024-28995)	module , docs , rn-modules	sfewer-r7

Name

Labels

Author

Fix the powershell_base64 encoder

rn-fix

zeroSteiner

Update windows acceptance tests

rn-no-release-notes

adfoster-r7

Update linting Ruby version

rn-no-release-notes

adfoster-r7

Update docs ruby version

rn-no-release-notes

adfoster-r7

Fix warnings in acceptance tests

rn-fix

adfoster-r7

Add auxiliary module for SolarWinds Serv-U directory transversal vulnerability (CVE-2024-28995)

module , docs , rn-modules

sfewer-r7

Create a Pull Request

Recent Blog Posts

Fri Jun 21 2024

Metasploit Weekly Wrap-Up 06/21/2024

This week includes modules that target file traversal & arbitrary file read vulnerabilities for software such as Apache, SolarWinds, & Check Point....

Fri Jun 14 2024

Metasploit Weekly Wrap-Up 06/14/2024

This weeks Metasploit Weekly Wrap-Up includes 5 new module contents, 4 enhancements and features, and some bug fixes. Learn more about the updates....

Fri Jun 07 2024

Metasploit Weekly Wrap-Up 06/07/2024

This release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, & Shell Reverse TCP....

View More Metasploit Blog Posts