Lucee Authenticated Scheduled Job Code Execution Exploit

This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is...

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

This module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user. Module Options msf use...

Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unsafe Deserialization RCE', 'Description' = %q This module exploits CVE-2023-0669, which is an object deserialization...

Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ServiceDesk Plus Unauthenticated SAML RCE', 'Description' = %q This exploits an unauthenticated remote code execution vulnerability...

OpenTSDB 2.4.0 Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 CVE-2020-35476 in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If...

Acronis TrueImage XPC Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Acronis TrueImage XPC Privilege Escalation', 'Description' = %q Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to...

F5 BIG-IP iControl Authenticated RCE via RPM Creator

This module exploits a newline injection into an RPM .rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user. Module Options msf use exploit/linux/http/f5icontrolrpmspecrcecve202241800 msf...

F5 BIG-IP iControl Cross Site Request Forgery Exploit

This Metasploit module exploits a cross-site request forgery CSRF vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations...

FLIR AX8 unauthenticated RCE

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. This module uses the vulnerability...

Remote Mouse 4.110 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Mouse RCE', 'Description' = %q This module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it...

CVE-2022-41082

Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: zeroSteiner at January 10, 2023 2:58pm UTC reported: CVE-2022-41082, also known as ProxyNotShell is an authenticated RCE in Microsoft Exchange. ProxyNotShell actually combines CVE-2022-41082 and CVE-2022-41040 for t...

Netfilter nft_set_elem_init Heap Overflow Privilege Escalation

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netfilter nftseteleminit Heap Overflow Privilege Escalation', 'Description' = %q An issue was discovered in the Linux...

Bitbucket Git Command Injection

Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated command injection vulnerability in multiple API endpoints. The /rest/api/latest/projects/projectKey/repos/repositorySlug/archive endpoint creates an archive of the repository, leveraging the git-archive...

Exploit for Use After Free in Microsoft

Bluekeep-Hunter CVE-2019-0708 This uses metasploit module in...

CVE-2023-5350

creationtimestamp| type| source ---|---|--- 2022-09-13 22:04:46+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/suitecrmexportsqli.rb 2023-10-03 16:41:23+00:00| seen| https://t.me/cibsecurity/71499 2025-10-23 21:13:02+00:00| seen|...

Cassandra Web File Read Vulnerability

This module exploits an unauthenticated directory traversal vulnerability in Cassandra Web 'Cassandra Web' version 0.5.0 and earlier, allowing arbitrary file read with the web server privileges. This vulnerability occurred due to the disabled Rack::Protection module Module Options msf use...

Zimbra UnRAR Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UnRAR Path Traversal in Zimbra CVE-2022-30333', 'Description' = %q This module creates a RAR file that can be emailed to a Zimbra server to explo...

Exploit for Link Following in Rarlab Unrar

A proof of concept for CVE-2022-30333 - a path traversal vulnera...

Exploit for Link Following in Rarlab Unrar

A proof of concept for CVE-2022-30333 - a path traversal vulnera...

JBOSS EAP/AS 6.x Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBOSS EAP/AS Remoting Unified Invoker RCE', 'Description' = %q An unauthenticated attacker with network access to the JBOSS EAP/AS 'Joao Matos ',...