Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

CVE-2026-1731 — BeyondTrust Remote Support & PRA Pre-auth RCE...

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

In this article 1. Risk to enterprise environments 2. Attack chain overview 1. Stage 1: Initial contact via Teams T1566.003 Spearphishing via Service 2. Stage 2: Remote assistance foothold 3. Stage 3: Interactive reconnaissance and access validation 4. Stage 4: Payload placement and trusted...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

BeyondTrust CVE-2026-1731 PoC Overview A Python-based sec...

BeyondTrust RS 25.3.1 PRA/RS Mass Scanner

This Metasploit module is a safe auxiliary scanner for the Metasploit Framework designed to identify potentially vulnerable deployments of BeyondTrust Privileged Remote Access and BeyondTrust Remote Support that are susceptible to CVE-2026-1731...

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution

This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. The module targets CVE-2026-1731, a direct command injection affecting RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Exploitation occurs with the...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

BeyondTrust CVE-2026-1731 Scanner Professional Python scanner...

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products to conduct a wide range of malicious actions, including deploying VShell and Spark RAT. The vulnerability, tracked as...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

CVE-2026-1731 Blind RCE PoC Effected Versions: - Privi...

📄 BeyondTrust Remote Support / Privileged Remote Access Remote Code Execution

A critical pre‑authentication remote code execution vulnerability identified as CVE-2026-1731 affects products from BeyondTrust, specifically Remote Support and Privileged Remote Access. The vulnerability allows an unauthenticated attacker to execute arbitrary commands on a vulnerable system by...

Vulnerability fixed in BeyondTrust Remote Support

BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan...

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

BeyondTrust Remote Support RS and Privileged Remote Access PRAcontain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user. Successful exploitation requires no...

Exploit for CVE-2026-1731

CVE-2026-1731 BeyondTrust Remote Support Pre-Auth RCE PoC...

BeyondTrust Remote Support (RS) < 25.3.2 Pre-Authentication RCE (BT26-02)

The version of BeyondTrust Remote Support RS running on the remote host is prior to 25.3.2. It is, therefore, potentially affected by a pre-authentication remote code execution vulnerability: - By sending specially crafted requests, an unauthenticated remote attacker may be able to execute...

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Overview On February 6, 2026, BeyondTrust released security advisory BT26-02, disclosing a critical pre-authentication Remote Code Execution RCE vulnerability affecting its Remote Support RS and Privileged Remote Access PRA products. Assigned CVE-2026-1731 and a near-maximum CVSSv4 score of 9.9,...

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust has released updates to address a critical security flaw impacting Remote Support RS and Privileged Remote Access PRA products that, if successfully exploited, could result in remote code execution. "BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access...

VulnCheck KEV: CVE-2026-1731

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

CVE-2026-1731

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

EUVD-2026-5559

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

CVE-2026-1731

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...