Brendan e998b91aee Merge pull request #20717 from sfewer-r7/fortiweb-exploit-rce ...

Add exploit module for Fortinet FortiWeb (CVE-2025-64446 + CVE-2025-58034)

2025-11-25 14:14:31 -06:00

..

fileformat

Updates docs to reflect new default prompt

2025-07-17 09:53:40 +01:00

http

on 7.4.8 the command nohup is not available. we must execute our payload in a new session, so we use a python stub to essentially call setsid. This has been tested to work on both 8.0.1 and 7.4.8. Teh payload cmd/unix/reverse_python isnot working as it previously was, so I am removing from the list of confirmed paylaods. The other two, cmd/unix/reverse_bash and cmd/unix/reverse_openssl work fine on both versions

2025-11-25 11:25:41 +00:00

local

Correct vulnerable version information

2025-11-24 17:10:51 +00:00

misc

replace bold options with h3

2025-11-07 15:42:23 -05:00

persistence

Update module information in documentation

2025-11-24 11:24:23 +00:00

redis

Updates msf5 as well

2025-07-17 11:51:29 +01:00

samba

replace bold options with h3

2025-11-07 15:42:23 -05:00

smtp

replace bold options with h3

2025-11-07 15:42:23 -05:00

snmp

replace bold options with h3

2025-11-07 15:42:23 -05:00

ssh

Updates msf5 as well

2025-07-17 11:51:29 +01:00

telnet

replace bold options with h3

2025-11-07 15:42:23 -05:00

upnp

replace bold options with h3

2025-11-07 15:42:23 -05:00