Lucene search
K

4 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/02/27 8:25 p.m.14 views

Metasploit Wrap-Up 02/27/2026

No Prob-ollama This release brings some serious firepower with multiple new exploit modules and critical vulnerability support! The standout additions are the Ollama path traversal RCE CVE-2024-37032, a sophisticated exploit chaining arbitrary file writes into unauthenticated root RCE, and the...

9.9CVSS7.3AI score0.89633EPSS
Exploits17
Packet Storm
Packet Storm
added 2026/02/25 12:0 a.m.314 views

📄 BeyondTrust PRA / RS Unauthenticated Remote Code Execution

This Metasploit module exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. It leverages three different vulnerabilities depending on the user-selected target. The default target leverages CVE-2026-1731, a direct command...

9.9CVSS6.5AI score0.89914EPSS
Exploits22
CISA KEV Catalog
CISA KEV Catalog
added 2025/01/13 12:0 a.m.12 views

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execut...

7.2CVSS7.8AI score0.13788EPSS
In wildExploits0
Vulnrichment
Vulnrichment
added 2023/10/12 12:0 a.m.16 views

CVE-2023-23632

BeyondTrust Privileged Remote Access PRA versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the...

7AI score0.00193EPSS
Exploits1References1
Rows per page
Query Builder