adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
70dd190bc7bf7456c82bea5feb547ccf0e31006f
metasploit-gs/modules/exploits/linux/http
T
History
Valentin Lobstein 70dd190bc7 Fix: Inline shellcode via asm db instead of mmap RWX 
Use Metasm's asm("db ...") to embed shellcode directly in .text section
which is executable by default. Removes mmap/memcpy/mprotect entirely,
avoiding RWX or W^X allocations that IDS may flag.

Parent process uses _exit(0) instead of return since the inlined
shellcode bytes follow the setsid() call in the instruction stream.

Co-Authored-By: jvoisin <325724+jvoisin@users.noreply.github.com>
2026-02-24 23:32:05 +01:00
..
accellion_fta_getstatus_oauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
acronis_cyber_infra_cve_2023_45249.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
advantech_switch_bash_env_exec.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
airties_login_cgi_bof.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
aitemi_m300_time_rce.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
alcatel_omnipcx_mastercgi_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
alienvault_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
alienvault_sqli_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
apache_airflow_dag_rce.rb
Move module and documentation from multi/http to linux/http
2023-09-17 22:42:26 +08:00
apache_continuum_cmd_exec.rb
add CVE reference to Continuum exploit
2026-01-26 12:36:12 +01:00
apache_couchdb_cmd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
apache_druid_js_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
apache_hugegraph_gremlin_rce.rb
Update modules/exploits/linux/http/apache_hugegraph_gremlin_rce.rb
2024-08-13 08:48:33 -07:00
apache_nifi_h2_rce.rb
review comments
2023-08-28 17:39:02 -04:00
apache_ofbiz_deserialization_soap.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
apache_ofbiz_deserialization.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
apache_solr_backup_restore.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
apache_spark_rce_cve_2022_33891.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
apache_superset_cookie_sig_rce.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
appsmith_rce_cve_2024_55964.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
artica_proxy_auth_bypass_service_cmds_peform_command_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
artica_proxy_unauth_rce_cve_2024_2054.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
astium_sqli_upload.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
asuswrt_lan_rce.rb
Remove false positive references
2025-11-19 17:34:15 +01:00
atutor_filemanager_traversal.rb
Update dash characters in module references
2025-10-07 14:03:32 -04:00
axis_app_install.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
axis_srv_parhand_rce.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
belkin_login_bof.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
bentoml_rce_cve_2025_27520.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
bentoml_runner_server_rce_cve_2025_32375.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
beyondtrust_pra_rs_unauth_rce.rb
Update modules/exploits/linux/http/beyondtrust_pra_rs_unauth_rce.rb
2026-02-10 18:06:20 +01:00
bitbucket_git_cmd_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
bludit_upload_images_exec.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
cacti_unauthenticated_cmd_injection.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
cayin_cms_ntp.rb
centreon_auth_rce_cve_2025_5946.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
centreon_pollers_auth_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
centreon_sqli_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
centreon_useralias_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
cfme_manageiq_evm_upload_exec.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
chamilo_bigupload_webshell.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
chamilo_unauth_rce_cve_2023_34960.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
chaos_rat_xss_to_rce.rb
review of chaos rat
2024-05-13 16:55:43 -04:00
cisco_asax_sfr_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_firepower_useradd.rb
Merge pull request #20298 from bcoles/modules-SSL
2025-06-26 15:00:59 +01:00
cisco_hyperflex_file_upload_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_hyperflex_hx_data_platform_cmd_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_prime_inf_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
cisco_rv32x_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
cisco_rv340_lan.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_rv_series_authbypass_and_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_ucs_cloupia_script_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cisco_ucs_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
control_web_panel_api_cmd_exec.rb
Fix archs
2026-01-13 14:24:04 +01:00
control_web_panel_login_cmd_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
cpi_tararchive_upload.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
craftcms_ftp_template.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
craftcms_preauth_rce_cve_2025_32432.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
craftcms_unauth_rce_cve_2023_41892.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
crypttech_cryptolog_login_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
cve_2019_1663_cisco_rmi_rce.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
dcos_marathon.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
ddwrt_cgibin_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
denyall_waf_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dlink_authentication_cgi_bof.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_command_php_exec_noauth.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dcs931l_upload.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dlink_dcs_930l_authenticated_remote_command_execution.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_diagnostic_exec_noauth.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
dlink_dir300_exec_telnet.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dir605l_captcha_bof.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dir615_up_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
dlink_dir850l_unauth_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dsl2750b_exec_noauth.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dspw110_cookie_noauth_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dspw215_info_cgi_bof.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_dwl_2600_command_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
dlink_hedwig_cgi_bof.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_hnap_bof.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dlink_hnap_header_exec_noauth.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dlink_hnap_login_bof.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dlink_upnp_exec_noauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dnalims_admin_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
docker_daemon_tcp.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dolibarr_cmd_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
dreambox_openpli_shell.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
dtale_rce_cve_2025_0655.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
efw_chpasswd_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
elfinder_archive_cmd_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
empire_skywalker.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
eramba_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
esva_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
eyesofnetwork_autodiscovery_rce.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
f5_bigip_tmui_rce_cve_2020_5902.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
f5_bigip_tmui_rce_cve_2023_46747.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
f5_icall_cmd.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
f5_icontrol_exec.rb
Add references to MITRE ATT&CK T1021 - Remote Services
2025-10-14 16:25:30 +02:00
f5_icontrol_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
f5_icontrol_rest_ssrf_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
f5_icontrol_rpmspec_rce_cve_2022_41800.rb
f5_icontrol_soap_csrf_rce_cve_2022_41622.rb
flir_ax8_unauth_rce_cve_2022_37061.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
foreman_openstack_satellite_code_exec.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
fortinac_keyupload_file_write.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
fortinet_authentication_bypass_cve_2022_40684.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
fortinet_fortiweb_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
fritzbox_echo_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
froxlor_log_path_rce.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
geutebruck_cmdinject_cve_2021_335xx.rb
Fixes some invalid links
2025-02-28 11:29:59 +00:00
geutebruck_instantrec_bof.rb
Fixes some invalid links
2025-02-28 11:29:59 +00:00
geutebruck_testaction_exec.rb
Fixes some invalid links
2025-02-28 11:29:59 +00:00
github_enterprise_secret.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
gitlist_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
glinet_unauth_rce_cve_2023_50445.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
glpi_htmlawed_php_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
goahead_ldpreload.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
goautodial_3_rce_command_injection.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
gpsd_format_string.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
grandstream_gxv31xx_settimezone_unauth_cmd_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
grandstream_ucm62xx_sendemail_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
gravcms_exec.rb
groundwork_monarch_cmd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
h2_webinterface_rce.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
hadoop_unauth_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
hikvision_cve_2021_36260_blind.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
hp_system_management.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
hp_van_sdn_cmd_inject.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
hpe_oneview_rce.rb
add in the AKB analysis
2025-12-19 15:38:43 +00:00
huawei_hg532n_cmdinject.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
ibm_drm_rce.rb
ibm_qradar_unauth_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
ictbroadcast_unauth_cookie.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
imperva_securesphere_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
invoiceninja_unauth_rce_cve_2024_55555.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
invoiceshelf_unauth_rce_cve_2024_55556.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
invokeai_rce_cve_2024_12029.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ipfire_bashbug_exec.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
ipfire_oinkcode_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
ipfire_pakfire_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ipfire_proxy_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
ispconfig_lang_edit_php_code_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ivanti_connect_secure_rce_cve_2023_46805.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ivanti_connect_secure_rce_cve_2024_21893.rb
remove the linux and unix targets in favor of a single automatic target
2024-02-09 09:26:08 +00:00
ivanti_connect_secure_rce_cve_2024_37404.rb
Add comment explaining payload architecture restraints
2024-12-03 18:33:43 -08:00
ivanti_connect_secure_stack_overflow_rce_cve_2025_22457.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ivanti_csa_unauth_rce_cve_2021_44529.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ivanti_epmm_rce.rb
remove the extra + operator. add a comment as to why we ljust the value.
2026-02-06 14:52:00 +00:00
ivanti_sentry_misc_log_service.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
jenkins_cli_deserialization.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
judge0_sandbox_escape_cve_2024_28189.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
kafka_ui_unauth_rce_cve_2023_52251.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
kaltura_unserialize_cookie_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
kaltura_unserialize_rce.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
kibana_timelion_prototype_pollution_rce.rb
review comments
2023-09-01 20:34:35 -04:00
kibana_upgrade_assistant_telemetry_rce.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
klog_server_authenticate_user_unauth_command_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
kloxo_sqli.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
lexmark_faxtrace_settings.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
librenms_addhost_cmd_inject.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
librenms_authenticated_rce_cve_2024_51092.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
librenms_collectd_cmd_inject.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
lifesize_uvc_ping_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
linear_emerge_unauth_rce_cve_2019_7256.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
linksys_apply_cgi.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
linksys_e1500_apply_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
linksys_themoon_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
linksys_wrt54gl_apply_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
linksys_wrt110_cmd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
linksys_wrt160nv2_apply_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
linksys_wvbr0_user_agent_exec_noauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
linuxki_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
logsign_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
lucee_admin_imgprocess_file_write.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
magento_xxe_to_glibc_buf_overflow.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
magnusbilling_unauth_rce_cve_2023_30258.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
mailcleaner_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
majordomo_cmd_inject_cve_2023_50917.rb
Add suggested changes
2023-12-22 00:04:54 +01:00
metabase_setup_token_rce.rb
Fix metabase rce to support older versions
2024-10-17 10:10:50 +01:00
microfocus_obr_cmd_injection.rb
Add additional reliability and stability notes to modules
2024-01-22 23:29:57 +00:00
microfocus_secure_messaging_gateway.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
mida_solutions_eframework_ajaxreq_rce.rb
mobileiron_core_log4shell.rb
mobileiron_mdm_hessian_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
moodle_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
motioneye_auth_rce_cve_2025_60787.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
multi_ncc_ping_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
mutiny_frontend_upload.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
mvpower_dvr_shell_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
nagios_xi_autodiscovery_webshell.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
nagios_xi_chained_rce_2_electric_boogaloo.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
nagios_xi_chained_rce.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
nagios_xi_configwizards_authenticated_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
nagios_xi_magpie_debug.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
nagios_xi_mibs_authenticated_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
nagios_xi_plugins_check_plugin_authenticated_rce.rb
Add references to MITRE ATT&CK T1021 - Remote Services
2025-10-14 16:25:30 +02:00
nagios_xi_plugins_filename_authenticated_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
nagios_xi_snmptrap_authenticated_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
netalertx_rce_cve_2024_46506.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
netgear_dgn1000_setup_unauth_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
netgear_dgn1000b_setup_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
netgear_dgn2200b_pppoe_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
netgear_dnslookup_cmd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
netgear_r7000_cgibin_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
netgear_readynas_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
netgear_unauth_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
netgear_wnr2000_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
netis_unauth_rce_cve_2024_22729.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
netis_unauth_rce_cve_2024_48456_and_48457.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
netsweeper_webadmin_unixlogin.rb
nexus_repo_manager_el_injection.rb
nginx_chunked_size.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
nuuo_nvrmini_auth_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
nuuo_nvrmini_unauth_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
ollama_rce_cve_2024_37032.rb
Fix: Inline shellcode via asm db instead of mmap RWX
2026-02-24 23:32:05 +01:00
op5_config_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
openfiler_networkcard_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
openmetadata_auth_bypass_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
opennms_horizon_authenticated_rce.rb
Update opennms_horizon_authenticated_rce.rb
2025-06-21 20:37:33 +03:00
opentsdb_key_cmd_injection.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
opentsdb_yrange_cmd_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
optergy_bms_backdoor_rce_cve_2019_7276.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
oracle_ebs_rce_cve_2022_21587.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
paloalto_expedition_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pandora_fms_auth_netflow_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pandora_fms_auth_rce_cve_2024_11320.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pandora_fms_auth_rce_cve_2024_12971.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pandora_fms_events_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pandora_fms_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
pandora_fms_sqli.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
pandora_itsm_auth_rce_cve_2025_4653.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
pandora_ping_cmd_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
panos_management_unauth_rce.rb
use the HttpClient cookie jar. Thank you @jheysel-r7 for this improvement.
2024-12-17 17:47:00 +00:00
panos_op_cmd_exec.rb
panos_readsessionvars.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
panos_telemetry_cmd_exec.rb
Addressing msftidy issues
2024-04-18 18:34:18 -05:00
peercast_url.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
php_imap_open_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pineapp_ldapsyncnow_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pineapp_livelog_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pineapp_test_li_conn_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pineapple_bypass_cmdinject.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pineapple_preconfig_cmdinject.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
piranha_passwd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
pivotx_index_php_overwrite.rb
Added incorrect creds check
2025-08-12 10:42:46 -07:00
pretalx_rce_cve_2023_28458.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
prison_management_rce.rb
Update modules/exploits/linux/http/prison_management_rce.rb
2026-01-07 14:45:03 +02:00
progress_flowmon_unauth_cmd_injection.rb
Change xml to html in get_html_document
2024-05-28 16:29:55 -04:00
progress_kemp_loadmaster_unauth_cmd_injection.rb
Add vulnerable versions and fix indention
2024-04-26 17:36:50 -05:00
projectsend_unauth_rce.rb
Merge pull request #19714 from bwatters-r7/update/projectsend-cveinfo
2024-12-11 13:54:06 +00:00
pulse_secure_cmd_exec.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
pulse_secure_gzip_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
pyload_js2py_cve_2024_39205.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
pyload_js2py_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
qnap_qcenter_change_passwd_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
qnap_qts_rce_cve_2023_47218.rb
Updates modules to remove non-printable chars
2025-06-25 14:19:56 +01:00
raidsonic_nas_ib5220_exec_noauth.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
railo_cfml_rfi.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
rancher_server.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
raspberrymatic_unauth_rce_cve_2024_24578.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
ray_agent_job_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
ray_cpu_profile_cmd_injection_cve_2023_6019.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
rconfig_ajaxarchivefiles_rce.rb
Add additional reliability and stability notes to modules
2024-01-22 23:29:57 +00:00
rconfig_vendors_auth_file_upload_rce.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
realtek_miniigd_upnp_exec_noauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
riverbed_netprofiler_netexpress_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
roxy_wi_exec.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
saltstack_salt_api_cmd_exec.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
saltstack_salt_wheel_async_rce.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
samsung_srv_1670d_upload_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
seagate_nas_php_exec_noauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
selenium_greed_chrome_rce_cve_2022_28108.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
selenium_greed_firefox_rce_cve_2022_28108.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
skyvern_ssti_cve_2025_49619.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
smt_ipmi_close_window_bof.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
solarview_unauth_rce_cve_2023_23333.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
sonicwall_cve_2021_20039.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
sophos_utm_webadmin_sid_cmd_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
sophos_wpa_iface_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
sophos_wpa_sblistpack_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
sourcegraph_gitserver_sshcmd.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
spark_unauth_rce.rb
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
splunk_auth_rce_cve_2024_36985.rb
add suggestions from @jheysel-r7
2026-01-19 18:45:01 -08:00
spring_cloud_gateway_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
suitecrm_log_file_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
supervisor_xmlrpc_exec.rb
Add references to MITRE ATT&CK T1021 - Remote Services
2025-10-14 16:25:30 +02:00
symantec_messaging_gateway_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symantec_web_gateway_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symantec_web_gateway_file_upload.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symantec_web_gateway_lfi.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symantec_web_gateway_pbcontrol.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symantec_web_gateway_restore.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
symmetricom_syncserver_rce.rb
synology_dsm_sliceupload_exec_noauth.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
synology_dsm_smart_exec_auth.rb
Add references to MITRE ATT&CK T1021 - Remote Services
2025-10-14 16:25:30 +02:00
terramaster_unauth_rce_cve_2020_35665.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
terramaster_unauth_rce_cve_2021_45837.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
terramaster_unauth_rce_cve_2022_24990.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
tiki_calendar_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
totolink_unauth_rce_cve_2023_30013.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
tp_link_ncxxx_bonjour_command_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
tp_link_sc2020n_authenticated_telnet_injection.rb
Add references to MITRE ATT&CK T1021 - Remote Services
2025-10-14 16:25:30 +02:00
tr064_ntpserver_cmdinject.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
traccar_rce_upload.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
trend_micro_imsva_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
trendmicro_imsva_widget_exec.rb
Update dash characters in module references
2025-10-07 14:03:32 -04:00
trendmicro_sps_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
trendmicro_websecurity_exec.rb
trueonline_billion_5200w_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
trueonline_p660hn_v1_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
trueonline_p660hn_v2_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
ubiquiti_airos_file_upload.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
ueb_api_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
unraid_auth_bypass_exec.rb
Updates more dead links
2025-02-28 10:30:14 +00:00
vap2500_tools_command_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
vcms_upload.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
vestacp_exec.rb
Suggestion and rubocop fixes
2024-09-05 08:49:32 -07:00
vinchin_backup_recovery_cmd_inject.rb
Update modules/exploits/linux/http/vinchin_backup_recovery_cmd_inject.rb
2023-11-28 08:10:56 +01:00
vmware_nsxmgr_xstream_rce_cve_2021_39144.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_vcenter_analytics_file_upload.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_vcenter_vsan_health_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_view_planner_4_6_uploadlog_rce.rb
Updates more dead links
2025-02-28 10:30:14 +00:00
vmware_vrli_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_vrni_rce_cve_2023_20887.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_vrops_mgr_ssrf_rce.rb
vmware_workspace_one_access_cve_2022_22954.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
vmware_workspace_one_access_vmsa_2022_0011_chain.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
wanem_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
watchguard_firebox_unauth_rce_cve_2022_26318.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
wazuh_auth_rce_cve_2025_24016.rb
Add GHSA and OSV reference type support
2026-02-09 15:17:23 +01:00
wd_mycloud_multiupload_upload.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
wd_mycloud_unauthenticated_cmd_injection.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
webcalendar_settings_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
webid_converter.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
webmin_backdoor.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
webmin_file_manager_rce.rb
webmin_package_updates_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
webmin_packageup_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
wepresent_cmd_injection.rb
Mass rubocop changes
2025-12-18 10:08:31 -05:00
wipg1000_cmd_injection.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
xorcom_completepbx_scheduler.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
xplico_exec.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
zabbix_sqli.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
zen_load_balancer_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
zenoss_showdaemonxmlconfig_exec.rb
Add missing CVEs from VulnCheck
2025-10-07 13:59:13 -04:00
zimbra_cpio_cve_2022_41352.rb
zimbra_mboximport_cve_2022_27925.rb
zimbra_unrar_cve_2022_30333.rb
zimbra_xxe_rce.rb
Update info -d markdown
2025-06-24 11:21:49 +01:00
zyxel_lfi_unauth_ssh_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
zyxel_parse_config_rce.rb
Apply suggestions from code review
2024-07-03 13:51:50 -04:00
zyxel_ztp_rce.rb
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00