automatic module_metadata_base.json update

2025-02-17 16:51:25 +00:00
parent 05c9550d43
commit e60be7fcfb
1 changed files with 62 additions and 0 deletions
@@ -70682,6 +70682,68 @@
    "session_types": false,
    "needs_cleanup": null
  },
+  "exploit_linux/http/beyondtrust_pra_rs_unauth_rce": {
+    "name": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution",
+    "fullname": "exploit/linux/http/beyondtrust_pra_rs_unauth_rce",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-12-16",
+    "type": "exploit",
+    "author": [
+      "sfewer-r7"
+    ],
+    "description": "This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote\n          Access (PRA) and Remote Support (RS), with the privileges of the site user of the targeted BeyondTrust\n          product site. This exploit targets PRA and RS versions 24.3.1 and below.",
+    "references": [
+      "CVE-2024-12356",
+      "CVE-2025-1094",
+      "URL-https://www.beyondtrust.com/trust-center/security-advisories/bt24-10",
+      "URL-https://www.postgresql.org/support/security/CVE-2025-1094/",
+      "URL-https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "cmd",
+    "rport": 443,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Default"
+    ],
+    "mod_time": "2025-02-17 16:33:11 +0000",
+    "path": "/modules/exploits/linux/http/beyondtrust_pra_rs_unauth_rce.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/beyondtrust_pra_rs_unauth_rce",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
  "exploit_linux/http/bitbucket_git_cmd_injection": {
    "name": "Bitbucket Git Command Injection",
    "fullname": "exploit/linux/http/bitbucket_git_cmd_injection",