Exploit for CVE-2026-3844

CVE-2026-3844 — Breeze Cache move $tempgrava...

HTTPS Fetch, Reverse Ordinal TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/meterpreter/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf payloadreverseordtcp show options ...show...

HTTPS Fetch, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show...

HTTPS Fetch, Windows shellcode stage, Windows Reverse HTTPS Stager (wininet)

Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Tunnel communication over HTTPS Windows wininet Module Options msf use payload/cmd/windows/https/x86/custom/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf...

CVE-2024-57099

ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, allowing them to execute arbitrary code and potentially take control of the server...

Wordpress Popular Posts Authenticated RCE

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address 192/172/127/10. The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit...