7ddffc790c
Merge pull request #19460 from gardnerapp/game_overlay
...
Land #19460 , CVE-2023-2640, CVE-2023-32629 Game Overlay Ubuntu Privilege Escalation
2024-12-18 14:44:57 -06:00
b7f477172f
Update docs to reflect recent changes
2024-12-18 14:08:10 -06:00
531ed162db
Land #19733 , exploit module for CVE-2022-40471 - unauthenticated RCE
2024-12-18 12:44:34 +01:00
6f9982db54
Land #19647 Added module for WSO2 API Manager RCE
...
Adds an exploit module for a vulnerability in the 'Add API Documentation' feature of WSO2 API Manager and allows malicious users with specific permissions to upload arbitrary files to a user-controlled server location. This flaw allows for RCE on the target system.
2024-12-16 07:27:23 -08:00
d196591845
Modified documentation
2024-12-16 15:47:30 +05:30
06528abe05
Added documentation
2024-12-16 15:33:29 +05:30
e06dd6deea
Update documentation
2024-12-12 22:10:11 +01:00
7d559e0b34
Add exploit module for CVE-2024-8856 - WP Time Capsule RCE
2024-12-11 01:14:17 +01:00
f36d786736
Merge pull request #19696 from smashery/add_user_module
...
Add user module
2024-12-10 11:26:49 -05:00
f05145dd1e
Tweak the documentation verbiage slightly
2024-12-10 10:58:17 -05:00
4c0a403b64
Land #19701 , Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
...
Land #19701 , Auxiliary Module for CVE-2021-24762: WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
2024-12-10 15:44:50 +01:00
095bd946f4
docs: updated docs
2024-12-10 15:35:16 +01:00
0b5e221620
Land #19533 , Update werkzeug rce module
2024-12-09 12:56:35 -08:00
bd1320f722
Merge branch 'rapid7:master' into wp_perfect_survey_sqli
2024-12-09 23:17:20 +05:30
8b93f1a087
Merge branch 'master' into smb_change_pw
2024-12-09 09:37:45 -05:00
4ce4cf472e
Update werkzeug_debug_rce.md
...
Added note about python3 version in verification steps because the version may change when a newer docker image becomes available.
Added report.txt as a file because I apparently forgot it before and the containers fail to build without it.
2024-12-08 21:11:03 +00:00
0e5cf3f7ba
Land #19649 , Primefaces RCE (CVE-2017-1000486)
2024-12-06 16:22:06 -08:00
6cfc18a1e7
Land #19661 , WordPress Really Simple Security Plugin RCE (CVE-2024-10924)
2024-12-06 16:19:56 -08:00
909476ee64
Merge pull request #19671 from smashery/ldap_change_pw
...
LDAP Change Password module
2024-12-06 17:13:50 -05:00
be30a06af4
Land #19430 , Moodle RCE (CVE-2024-43425) Module
...
Land #19430 , Moodle RCE (CVE-2024-43425) Module
2024-12-06 12:15:35 +01:00
500df59156
Changed plaintext to sh for better looking output
2024-12-06 12:44:50 +05:30
547bc96603
Modified the output in the document
2024-12-06 12:43:20 +05:30
f426dc6c20
msftidy_docs Fixes
2024-12-06 12:02:18 +05:30
897dfcd328
Added documentation of the auxiliary module
2024-12-06 11:57:04 +05:30
75a334ca0a
Changes from code review
2024-12-06 16:05:53 +11:00
7c46d4d02d
Updated text to be clearer about the AES kerberos behaviour
2024-12-06 14:28:44 +11:00
d5b2d760e8
Updated ancillary documentation
2024-12-06 07:53:19 +11:00
8ac7348be0
Land #19608 CyberPanel Pre-Auth RCE
...
Adds a CyberPanel Pre-Auth RCE Exploit Module for (CVE-2024-51378 / CVE-2024-51567 / CVE-2024-51568)
2024-12-05 09:35:35 -08:00
5290750cca
Update doc
2024-12-05 16:19:14 +01:00
a123234141
Add CVE-2024-10924
2024-12-05 16:19:09 +01:00
e8911f9129
Land #19402 vCenter Sudo LPE (CVE-2024-37081)
2024-12-04 18:25:05 -08:00
21cf475cbb
Land #19595 Ivanti Connect Secure auth RCE via OpenSSL (CVE-2024-37404)
2024-12-04 08:26:07 -08:00
ab2ca41eb8
Land #19629 , Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
...
Land #19629 , Chamilo v1.11.24 Unrestricted File Upload (CVE-2023-4220)
2024-12-04 16:49:56 +01:00
fabced539d
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-12-04 16:44:48 +01:00
58702f238c
Land #19574 , Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
...
Land #19574 , Windows Access Mode Mismatch LPE in ks.sys (CVE-2024-35230)
2024-12-04 16:39:43 +01:00
2d1af7d809
Land #19648 Add exploit module for FortiManager (CVE-2024-47575)
2024-12-02 18:31:25 -08:00
d22c6996be
Merge pull request #18877 from h00die/xspy
...
New module to replicate xspy tool (and X11 library)
2024-12-02 13:38:37 -05:00
a230a353e4
Land #19613 Asterisk authenticated rce via AMI (CVE-2024-42365)
2024-12-02 08:21:35 -08:00
3dcb9d58ab
Code review
2024-12-02 14:02:07 +01:00
c943cc6378
Add module and documentation
2024-12-02 14:02:07 +01:00
5cdf7ae175
Update documentation/modules/exploit/unix/webapp/cyberpanel_preauth_rce_multi_cve.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-11-30 13:55:02 +01:00
c4b7954f15
Land #19596 , Wordpress Plugin Post SMTP Account Takeover
2024-11-29 09:05:03 -08:00
d13bccca05
peer review
2024-11-28 20:24:25 -05:00
1906646e67
peer review
2024-11-28 13:18:47 -05:00
a945a54fc3
Merge remote-tracking branch 'origin/master' into acronis-rce
2024-11-27 21:50:53 +00:00
7de3d117b8
Land #19582 Acronis Cyber Backup/Protect Info Disclosure
2024-11-27 07:50:16 -08:00
492ccca1aa
review
2024-11-23 12:43:35 -05:00
dc445ed1ac
Apply suggestions from code review
2024-11-23 00:57:08 +01:00
502e415344
Merge pull request #19630 from remmons-r7/cups_ipp_rce
...
Exploit module for IPP attributes remote code execution - OpenPrinting CUPS
2024-11-22 09:22:21 -05:00
000ffb2406
make the check routine return a message for Detected.
2024-11-22 12:37:50 +00:00
Brendan