140b93e802
Land #20022 , Langflow RCE module
...
Add Langflow unauth RCE module (CVE-2025-3248)
2025-04-14 08:24:44 +02:00
c7fdcc8e91
Update the document
2025-04-12 10:21:13 +09:00
f67dfe6a62
Update check
2025-04-11 21:51:45 +09:00
0c20606c8c
Update documentation/modules/exploit/multi/http/langflow_unauth_rce_cve_2025_3248.md
...
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com >
2025-04-11 20:44:03 +09:00
0b4e133001
Land #20018 , pgAdmin Authenticated RCE (CVE-2025-2945)
...
pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)
2025-04-11 10:34:02 +02:00
718a0bc5c7
Change directory from linux to multi
2025-04-11 14:45:10 +09:00
4cec129e1c
Responded to comments
2025-04-10 10:53:05 -07:00
ddb29d6181
Removed unnecessary method
2025-04-10 07:18:42 -07:00
290a35b0f6
pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)
2025-04-09 17:32:10 -07:00
4da78bd550
Merge pull request #19994 from sfewer-r7/CVE-2021-35587
...
Adds exploit module for CVE-2021-35587, an unauthenticated deserialization vulnerability affecting Oracle Access Manager (OAM).
2025-04-08 08:59:18 -05:00
03f5291bcc
Improve the documentation, fix typo in console commands, add comment to wait for DB container to complete setup (Thanks Brendan).
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2025-04-08 09:41:47 +01:00
16e374750f
Improve the documentation, add steps to create /opt/oracle/user_projects (thanks Brendan).
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2025-04-08 09:40:21 +01:00
d16eeab32c
Merge pull request #19995 from chutton-r7/cve-2025-24813
...
Module for CVE-2025-24813
2025-04-02 14:20:52 -07:00
b85faf9440
Update documentation
2025-04-02 14:10:46 -07:00
6816589378
Added FileDropper for cleanup
2025-04-02 13:37:39 -07:00
fefb954827
Correct Tomcat version listed in Scenarios section
2025-04-02 13:02:26 -07:00
4058173a1c
Correct spelling
2025-04-02 12:57:20 -07:00
b44540bc35
update docs to give some more detail on the testing setup
2025-04-02 20:51:39 +01:00
1e58d419f6
Updated docs, added Setup steps
2025-04-02 12:03:21 -07:00
dc74b37577
add in a scenario for the Unix Command target to the docs
2025-04-02 15:32:18 +01:00
917aaeb027
Add module docs
2025-04-02 10:22:01 +01:00
c5d3512659
update docs
2025-04-01 13:05:28 +01:00
acafd884b5
add in the initial exploit for CVE-2021-35587, only tested on 12.2.1.4.0 so far.
2025-04-01 12:56:38 +01:00
8479350b3e
Update documentation
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2025-03-28 03:17:47 +11:00
8423d6ff87
Update removal of default page while installation
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2025-03-27 22:11:21 +11:00
9bdff3e803
Add extra dependencies during installation
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2025-03-27 22:10:32 +11:00
162e73a62e
add module documentation
2025-03-22 04:57:38 -04:00
9bd8590b99
Merge pull request #19793 from sfewer-r7/CVE-2024-55956
...
Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution (CVE-2024-55956)
2025-01-15 15:04:45 -06:00
1a839c0b33
move acronis_cyber_protect_unauth_rce_cve_2022_3405 inside the http folder
2025-01-09 16:30:51 -05:00
3ff685b70e
fix three typos
2025-01-06 09:42:21 +00:00
fe7334fae2
add in CVE-2024-55956 exploit
2025-01-06 09:26:44 +00:00
531ed162db
Land #19733 , exploit module for CVE-2022-40471 - unauthenticated RCE
2024-12-18 12:44:34 +01:00
6f9982db54
Land #19647 Added module for WSO2 API Manager RCE
...
Adds an exploit module for a vulnerability in the 'Add API Documentation' feature of WSO2 API Manager and allows malicious users with specific permissions to upload arbitrary files to a user-controlled server location. This flaw allows for RCE on the target system.
2024-12-16 07:27:23 -08:00
d196591845
Modified documentation
2024-12-16 15:47:30 +05:30
06528abe05
Added documentation
2024-12-16 15:33:29 +05:30
e06dd6deea
Update documentation
2024-12-12 22:10:11 +01:00
7d559e0b34
Add exploit module for CVE-2024-8856 - WP Time Capsule RCE
2024-12-11 01:14:17 +01:00
0b5e221620
Land #19533 , Update werkzeug rce module
2024-12-09 12:56:35 -08:00
4ce4cf472e
Update werkzeug_debug_rce.md
...
Added note about python3 version in verification steps because the version may change when a newer docker image becomes available.
Added report.txt as a file because I apparently forgot it before and the containers fail to build without it.
2024-12-08 21:11:03 +00:00
0e5cf3f7ba
Land #19649 , Primefaces RCE (CVE-2017-1000486)
2024-12-06 16:22:06 -08:00
5290750cca
Update doc
2024-12-05 16:19:14 +01:00
a123234141
Add CVE-2024-10924
2024-12-05 16:19:09 +01:00
fabced539d
Apply suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2024-12-04 16:44:48 +01:00
492ccca1aa
review
2024-11-23 12:43:35 -05:00
dc445ed1ac
Apply suggestions from code review
2024-11-23 00:57:08 +01:00
09d84eaabb
Added module for WSO2 API Manager Documentation File Upload Remote Code Execution
...
Closes #19646
on-behalf-of: @redwaysecurity <info@redwaysecurity.com >
2024-11-14 18:34:11 +01:00
222df0bfdf
Land #19527 Add bypass for GiveWP RCE (CVE-2024-8353)
...
This updates the exploit module wp_giveup_rce_bypass to incorporate the bypass CVE, allowing the payload to work on all affected versions of the GiveWP plugin.
2024-10-30 16:29:14 -04:00
6c099f2b73
Add WordPress wp-automatic SQLi to RCE module (CVE-2024-27956)
2024-10-14 18:13:17 +02:00
5228acb0f1
Update werkzeug_debug_rce docs to show modified output
2024-10-13 23:11:52 +01:00
f369a80fcc
Satisfy msftidy_docs against werkzeug_debug_rce.md
2024-10-13 22:55:12 +01:00
msutovsky-r7