CVSS3: 9.8 High
Attack Vector: NETWORK; Attack Complexity: LOW; Privileges Required: NONE; User Interaction: NONE; Scope: UNCHANGED; Confidentiality Impact: HIGH; Integrity Impact: HIGH; Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
This week, two improvements were made to the script/resource/basic_discovery.rc resource script. The first update, from community member samsepi0x0, allowed commas in the RHOSTS value, making it easier to target multiple hosts. Additionally, adfoster-r7 improved the script by adding better handling for error output. This continues our trend of trying to provide more useful diagnostic information to our end users.
The Metasploit Framework has been accepted to participate in Google's Summer of Code program again for 2023. This event pairs new contributors with an experienced mentor as they work on an open source project (Metasploit in our case). We will soon be soliciting project proposals from the community for anyone interested in getting involved. Some project ideas are on the docs site, but folks are welcome to submit entirely new ideas for something they think would benefit the Metasploit community.
This week, adfoster-r7 improved our docs site with a running count of all the published modules. This information is kept up to date automatically and is a great resource for anyone who wants to know how many modules Metasploit includes without needing to install and start the framework. The page even allows users to dive deeper into types of modules and platforms in the same way as msfconsole.
Authors: Askar and jheysel-r7
Type: Exploit
Pull request: #17640 contributed by jheysel-r7
AttackerKB reference: CVE-2023-0315
Description: This module exploits a vulnerability in versions of Froxlor prior to 2.0.8 that allows an authenticated user to change the default log file to an arbitrary path on the system. Using this, an authenticated user can write a Twig template that, when rendered, will execute arbitrary code and grant a shell or Meterpreter session as the www-data user.
Authors: Spencer McIntyre and bAu
Type: Exploit
Pull request: #17652 contributed by zeroSteiner
AttackerKB reference: CVE-2023-0297
Description: This adds an exploit for CVE-2023-0297, which is an unauthenticated JavaScript injection in pyLoad's Click 'N' Load service.
script/resource/basic_discovery.rc script to better detect when the Metasploit database is not connected as well as improving error output.
script/resource/basic_discovery.rc script to support commas in RHOSTS values.
windows_secrets_dump module.
You can always find more documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).