0f6e2a62b5
Fix numbering
2024-07-24 19:27:11 +09:00
86ae938b1f
Add #
2024-07-24 18:55:52 +09:00
b023ebfb7d
Add space at EOL
2024-07-24 18:51:23 +09:00
dc60fe8025
Update skywalker.md
2024-07-24 18:49:09 +09:00
a18ce36459
Update empire_skywalker.md
2024-07-21 09:36:45 +09:00
48ea314138
Update empire_skywalker.md
2024-07-20 14:44:15 +09:00
ec45763f05
Add empire_skywalker module documentation
2024-07-20 14:10:00 +09:00
df8f281d18
Land #19204 , Zyxel VPN Series Pre-auth Command Injection
2024-07-03 20:14:39 +02:00
9cfaa2e69f
Lowered rank and explained mock testing
2024-06-24 09:13:46 -07:00
24fa34e7b9
Land #19188 , Netis MW5360 unauthenticated RCE [CVE-2024-22729]
2024-06-24 13:40:51 +02:00
12b1936e16
Fixed typo added Options section docs
2024-06-10 07:39:24 -07:00
55fa94995b
Updated check method
2024-06-06 22:23:35 +00:00
72f332aba0
Land #19150 , Add Flowmon Command Injection Module
...
Unauthenticated Command Injection Module for Progress Flowmon
CVE-2024-2389
2024-05-29 08:28:37 -04:00
d60524d0b3
Started docs file
2024-05-28 15:54:47 -04:00
a0597007e4
Minor fixes, respond to comments
2024-05-23 14:02:28 -04:00
67154a12e0
Land #19104 , CHAOS rat xss to rce
2024-05-21 11:10:57 +01:00
575e223657
Added documentation
2024-05-19 14:09:58 +00:00
d1739f32c2
review of chaos rat
2024-05-13 16:55:43 -04:00
a7e97e50ad
Add module for flowmon cmd injection CVE-2024-2389
2024-05-01 08:42:55 -07:00
512da4bc45
chaos rat xss to rce
2024-04-24 16:51:58 -04:00
a36244073f
Merge pull request #1 from bwatters-r7/update-18972
...
Remove Priv Esc to add it to another module and update it to only run…
2024-04-22 17:53:48 -07:00
c10bde97ff
Merge branch 'rapid7:master' into module/progress_kemp_loadmaster_unauth_cmd_injection
2024-04-22 17:53:32 -07:00
2ad13ac836
Added note about shell from a different IP than RHOST IP
2024-04-19 11:45:56 -05:00
4f3ee3f78a
Incorporate documentation wording change from suggestion
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2024-04-19 08:50:20 -05:00
982b6aef0a
Incorporating PAN-OS module peer review suggestions, adding documentation for the module
2024-04-18 18:21:12 -05:00
409f0e45a6
Remove Priv Esc to add it to another module and update it to only run once
2024-04-15 15:44:22 -05:00
6b2bdc893b
chore: remove repetitive words
...
Signed-off-by: fanqiaojun <fanqiaojun@yeah.net >
2024-04-15 11:06:50 +08:00
d7f3fd8cc0
Land #18915 , Add Watchguard RCE CVE-2022-26318
...
This PR adds a module for a buffer overflow at the administration
interface of WatchGuard Firebox and XTM appliances. The appliances are
built from a cherrypy python backend sending XML-RPC requests to a C
binary called wgagent using pre-authentication endpoint /agent/login.
This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before
12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Successful
exploitation results in remote code execution as user nobody.
2024-03-28 10:24:32 -07:00
e775c7c20a
Land #18967 , Artica Proxy unauthenticated RCE [CVE-2024-2054]
...
Merge branch 'land-18967' into upstream-master
2024-03-25 15:25:27 -05:00
f217312ad1
module and documentation updates based on review comments (bwatters-r7/cgranleese-r7)
2024-03-21 16:13:55 +00:00
2b90d33aef
Land #18618 , Add OpenNMS privesc and auth RCE
...
This module exploits built-in functionality in OpenNMS Horizon in order
to execute arbitrary commands as the opennms user. For versions 32.0.2
and higher, this module requires valid credentials for a user with
ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST.
For versions 32.0.1 and lower, credentials are required for a user with
ROLE_FILESYSTEM_EDITOR, ROLE_REST, and/or ROLE_ADMIN privileges.
2024-03-20 12:54:16 -07:00
149dc15b21
Add check to see if notifications are enabled
2024-03-20 11:33:15 -07:00
e32d05eab8
Add module and docs for CVE-2024-1212
2024-03-19 11:37:12 -07:00
e84fe947c2
third release module and documentation updates
2024-03-15 23:33:29 +00:00
5dd75e174b
second release module and documentation
2024-03-15 18:27:59 +00:00
7dbd25bcbf
added documentation
2024-03-05 18:42:09 +00:00
0aa20c73a4
Land #18832 , Add exploit module CVE-2023-47218
...
The PR adds a module targeting CVE-2023-47218, an
unauthenticated command injection vuln affecting QNAP
QTS and QuTH Hero.
2024-02-21 08:48:30 -08:00
d21e4080a9
Land #18792 , Ivanti Connect Secure - Unauth RCE (CVE-2024-21893 + CVE-2024-21887) #18792
...
Merge branch 'land-18792' into upstream-master
2024-02-20 17:40:12 -06:00
8cddffa3d1
Land #18700 , Add Kafka-ui Unauth RCE module
...
This PR adds an exploit module for CVE-2023-52251 which
is an unauthenticated rce vulnerability in Kafka's UI.
2024-02-16 15:38:52 -05:00
a1b0ff0fcf
Land #18681 , Update Apache Ofbiz w. Auth-Bypass
...
This PR updates the pre-existing apache_ofbiz_deserialization
module to include functionality that will bypass authentication by
using the newly discovered CVE-2023-51467.
2024-02-16 15:02:34 -05:00
6c252de974
Docs plus minor edits
2024-02-15 17:12:11 -05:00
d716e60cf2
added base64 encoder module of zerosteiner
2024-02-14 21:33:50 +00:00
996ca8a7c9
Update documentation/modules/exploit/linux/http/kafka_ui_unauth_rce_cve_2023_52251.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-02-14 20:57:46 +00:00
f75722ecf2
Small updates to module and documentation
2024-02-14 20:57:46 +00:00
eafdb8495b
Added documentation
2024-02-14 20:57:46 +00:00
1f292c8a73
remove the linux and unix targets in favor of a single automatic target
2024-02-09 09:26:08 +00:00
84278b8e0e
fix ofbiz auto detection
2024-02-06 16:45:02 -05:00
367783bcb5
add in RCE exploit for CVE-2024-21893
2024-02-06 11:49:04 +00:00
26e2b2e319
Add docs for opennms authenticated rce
2024-01-27 01:13:22 +02:00
c278ef9b73
Land #18648 , Add Module for GL.iNet products
...
This PR adds an exploit module for a number of
different GL.iNet network products. The module combines
an auth by-pass CVE-2023-50919 with an RCE CVE-2023-50445.
2024-01-23 14:57:29 -05:00
Takah1ro