Simple Web Server 2.3-RC1 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Simple Web Server 2.3-RC1 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Simple Web...

MS06-019 Exchange MODPROP Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS06-019 Exchange MODPROP Heap Overflow', 'Description' = %q This module triggers a heap overflow vulnerability in MS Exchange that occurs when...

Ray Agent Job RCE

RCE in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. Module Options msf use exploit/linux/http/rayagentjobrce msf exploitrayagentjobrce show targets ...targets... msf...

LG Simple Editor Remote Code Execution Exploit

This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious...

Rudder Server SQLI Remote Code Execution

This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform CDP. The vulnerability exists in versions of rudder-server prior to 1.3.0-rc.1. By exploiting this flaw, an attacker can execute arbitrary SQL commands, which may le...

Grandstream GXV3175 Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV3175 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...

Wordpress Plugin Catch Themes Demo Import RCE

The Wordpress Plugin Catch Themes Demo Import versions use exploit/multi/http/wpcatchthemesdemoimport msf exploitwpcatchthemesdemoimport show targets ...targets... msf exploitwpcatchthemesdemoimport set TARGET msf exploitwpcatchthemesdemoimport show options ...show and set options... msf...

Micro Focus Operations Bridge Manager Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Manager Authenticated Remote Code Execution', 'Description' = %q This module exploits an authenticated Java...

Cisco UCS Director Cloupia Script Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS...

Wago PFC200 - Authenticated Remote Code Execution (Metasploit)

Exploit Title: Wago PFC200 - Authenticated Remote Code Execution Metasploit Date: 2020-02-05 Exploit Author: Nico Jansen 0x483d Vendor Homepage: https://www.wago.com/ Version: 'Wago PFC200 authenticated remote code execution', 'Description' = %q The Wago PFC200 up to incl. Firmware 11 020835 is...

Centreon 19.10.5 - 'Pollers' Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Centreon Poller Authenticated Remote Command Execution', 'Description' = %q TODO , 'Author' = 'Omri Baso', discovery 'Fabien Aunay', discovery...

Centreon Poller Authenticated Remote Command Execution

An authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules to perform certain actions, by the scheduler for data processing, etc. This modul...

Etcd Version Scanner

This module connections to etcd API endpoints, typically on 2379/TCP, and attempts to obtain the version of etcd. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Etcd Version Scanner',...

Steamed Hams

but it's a Metasploit Module This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Steamed Hams', 'Description' = "but it's a Metasploit Module", 'License' = MSFLICENSE, 'Author' = 'bcook-r7' ,...

HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution", 'Description' = %q This module exploits a remote command execution...

D-Link DIR-850L Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'DIR-850L Unauthenticated OS Command Exec', 'Description' = %q This module leverages an unauthenticated credential disclosure...

Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE

This module exploits a stack Buffer Overflow in the GCore server GCoreServer.exe. The vulnerable webserver is running on Port 13003 and Port 13004, does not require authentication and affects all versions from 2003 till July 2016 Version 1.4.YYYYY. This module requires Metasploit:...

Overlayfs Privilege Escalation Exploit

Exploit for linux platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Overlayfs Privilege Escalation', 'Description' = %q This module attempts...

OpenNMS Java Object Unserialization Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'OpenNMS Java Object Unserialization Remote Code Execution', 'Description' = %q This module exploits a vulnerability in the...

Java JMX Server Insecure Configuration Java Code Execution Exploit

This Metasploit module takes advantage a Java JMX interface insecure configuration, which would allow loading classes from any remote HTTP URL. JMX interfaces with authentication disabled com.sun.management.jmxremote.authenticate=false should be vulnerable, while interfaces with authentication...