BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting

BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML. id: CVE-2021-31589 info: name: BeyondTrust Secure Remote Access Base =6.0.1 - Cross-Site Scripting author: Ahmed Abou-Ela,r3Y3r53...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

CVE-2026-1731 — BeyondTrust Remote Support & PRA Pre-auth RCE...

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

BeyondTrust CVE-2026-1731 PoC Overview A Python-based sec...

Metasploit Wrap-Up 02/27/2026

No Prob-ollama This release brings some serious firepower with multiple new exploit modules and critical vulnerability support! The standout additions are the Ollama path traversal RCE CVE-2024-37032, a sophisticated exploit chaining arbitrary file writes into unauthenticated root RCE, and the...

BeyondTrust RS 25.3.1 PRA/RS Mass Scanner

This Metasploit module is a safe auxiliary scanner for the Metasploit Framework designed to identify potentially vulnerable deployments of BeyondTrust Privileged Remote Access and BeyondTrust Remote Support that are susceptible to CVE-2026-1731...

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution

This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. The module targets CVE-2026-1731, a direct command injection affecting RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Exploitation occurs with the...

📄 BeyondTrust PRA / RS Unauthenticated Remote Code Execution

This Metasploit module exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. It leverages three different vulnerabilities depending on the user-selected target. The default target leverages CVE-2026-1731, a direct command...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

BeyondTrust CVE-2026-1731 Scanner Professional Python scanner...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

Security Unauthenticated Stored Cross-Site Scripting CVE-2026...

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products to conduct a wide range of malicious actions, including deploying VShell and Spark RAT. The vulnerability, tracked as...

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

CVE-2026-1731 Blind RCE PoC Effected Versions: - Privi...

📄 BeyondTrust Remote Support / Privileged Remote Access Remote Code Execution

A critical pre‑authentication remote code execution vulnerability identified as CVE-2026-1731 affects products from BeyondTrust, specifically Remote Support and Privileged Remote Access. The vulnerability allows an unauthenticated attacker to execute arbitrary commands on a vulnerable system by...

Exploit for CVE-2026-1731

CVE-2026-1731 — BeyondTrust RS/PRA Passive Vulnerability Scann...

Vulnerability fixed in BeyondTrust Remote Support

BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-1731link is external BeyondTrust Remote Support RS and Privileged Remote Access PRA OS Command Injection Vulnerability These types of vulnerabilities are...

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan...

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

BeyondTrust Remote Support RS and Privileged Remote Access PRAcontain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user. Successful exploitation requires no...

Exploit for CVE-2026-1731

CVE-2026-1731 BeyondTrust Remote Support Pre-Auth RCE PoC...

BeyondTrust Remote Support (RS) < 25.3.2 Pre-Authentication RCE (BT26-02)

The version of BeyondTrust Remote Support RS running on the remote host is prior to 25.3.2. It is, therefore, potentially affected by a pre-authentication remote code execution vulnerability: - By sending specially crafted requests, an unauthenticated remote attacker may be able to execute...