NTP NAK To The Future

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP "NAK to the Future"', 'Description' = %q Crypto-NAK packets can be used to cause ntpd to accept time from unauthenticated ephemeral symmetric...

Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...

Mirage firewall for QubesOS 0.8.0-0.8.3 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mirage firewall for QubesOS 0.8.0-0.8.3 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial ...

HTTP Client LAN IP Address Gather

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Client LAN IP Address Gather', 'Description' = %q This module retrieves a browser's network interface IP addresses using WebRTC. , 'License'...

NIS bootparamd Domain Name Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NIS bootparamd Domain Name Disclosure', 'Description' = %q This module discloses the NIS domain name from bootparamd. You must know a client...

Android Browser Remote Code Execution Through Google Play Store XFO

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser RCE Through Google Play Store XFO', 'Description' = %q This module combines two vulnerabilities to achieve remote code execution ...

Jasmin Ransomware Web Server Unauthenticated Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated Directory Traversal', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticate...

ZyXEL GS1510-16 Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ZyXEL GS1510-16 Password Extractor', 'Description' = %q This module exploits a vulnerability in ZyXEL GS1510-16 routers to extract the admin...

AVTECH 744 DVR Account Information Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVTECH 744 DVR Account Information Retrieval', 'Description' = %q This module will extract the account information from the AVTECH 744 DVR device...

MantisBT Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MantisBT password reset', 'Description' = %q MantisBT before 1.3.10, 2.2.4, and 2.3.1 are vulnerable to unauthenticated password reset. , 'Licens...

Jasmin Ransomware Web Server Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated SQL Injection', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticated SQL...

IBM Data Risk Manager Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...

GitLab Authenticated File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab Authenticated File Read', 'Description' = %q GitLab version 16.0 contains a directory traversal for arbitrary file read as the gitlab-www...

Advantech WebAccess 8.1 Post Authentication Credential Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Advantech WebAccess 8.1 Post Authentication Credential Collector", 'Description' = %q This module allows you to log into Advantech WebAccess 8.1,...

Atlassian Confluence Data Center And Server Authentication Bypass Via Broken Access Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

MantisBT Admin SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MantisBT Admin SQL Injection Arbitrary File Read", 'Description' = %q Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if ...

Oracle DB SQL Injection Via SYS.LT.COMPRESSWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE', 'Description' = %q This module exploits an sql injection flaw in the COMPRESSWORKSPACE...

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

WebNMS Framework Server Credential Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Credential Disclosure', 'Description' = %q This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extra...

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...