CVE-2019-5624

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

CVE-2019-5624 Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

PT-2019-17785 · Rapid7 · Metasploit Framework

Name of the Vulnerable Software and Affected Versions: Rapid7 Metasploit Framework versions 4.14.0 and prior versions Description: The issue is related to improper limitation of a pathname to a restricted directory, also known as a path traversal vulnerability, in the Zip import function of...

metasploit-framework

This is a repository for the Metasploit Framework, a penetration testing tool. The repository contains various files and directories related to the project, including configuration files, documentation, and test scripts. The Metasploit Framework is a powerful tool for testing the security of...

Linux Nested User Namespace idmap Limit Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Nested User Namespace idmap Limit Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in Linux kernels...

Androspy - Backdoor Crypter & Creator With Automatic IP Poisener

Androspy : is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan Ouerghi Dependencies keytool jarsigner Apache2 Metasploit-Framework xterm Installation sudo apt-get install git git clone https://github.com/TunisianEagles/Androspy.git cd Androspy chmod +x setup.sh sudo...

CVE-2012-6610

creationtimestamp| type| source ---|---|--- 2018-11-05 22:04:13+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/misc/polycomhdxauthbypass.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

WebEx Remote Command Execution Utility

This module enables the execution of a single command as System by exploiting a remote code execution vulnerability in Cisco's WebEx client software. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

WinSpy - A Windows Reverse Shell Backdoor Creator With An Automatic IP Poisener

WinSpy: Windows Reverse Shell Backdoor Creator With ip poisener. Dependencies 1 - metasploit-framework 2 - xterm 3 - apache2 4 - whiptail Installation sudo apt-get install git git clone https://github.com/TunisianEagles/winspy.git cd winspy chmod +x setup.sh ./setup.sh chmod +x winspy.sh...

NodeXP - Detection and Exploitation Tool for Node.js Services

NodeXP is an intergrated tool, written in Python 2.7, capable of detecting possible vulnerabilities on Node.js services as well as exploiting them in an automated way, based on ServerSideJavascriptInjection attack! Getting Started - Installation & Usage Download NodeXP by cloning the Git...

LocalTapiola: F5 BigIP Backend Cookie Disclosure

Basic report information Summary: The Same issue was reported on www.myynti.lahitapiolarahoitus.fi by another reporter. It was fixed for that. But when I test the same issue on lahitapiolarahoitus.fi. It is also causing leakage of information. Description: I just identify F5 BigIP load balancers...

Data exfiltration techniques

Data exfiltration is the last stage of the kill chain in a generally targeted attack on an organisation. Whilst many excellent papers and tools are available for various techniques this is our attempt to pull all these together. This could also be used as a crib sheet for fellow pen testers who a...

CVE-2019-9760

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/ftpgetterpwdreply.rb 2023-12-17 23:09:51+00:00| seen| https://t.me/arpsyndicate/1861 2025-10-23 21:12:58+00:00| seen|...

CVE-2010-20108

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/ftppadlistreply.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2011-10030

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/foxitreaderfilewrite.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2010-20034

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/gekkomgrlistreply.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2013-6785

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/smtipmiurlredirecttraversal.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2010-20010

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/foxittitlebof.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2011-10025

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/subtitleprocessorm3ubof.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2012-6710

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/extploreruploadexec.rb 2018-10-07 22:25:55+00:00| seen| https://t.me/cibsecurity/557 2025-10-23 21:12:57+00:00| seen|...