31 matches found
Metasploit Wrap-Up 02/27/2026
No Prob-ollama: This release brings some serious firepower with multiple new exploit modules and critical vulnerability support! The standout additions are the Ollama path traversal RCE (CVE-2024-37032), a sophisticated exploit chaining arbitrary file writes into unauthenticated root RCE, and the...
BeyondTrust PRA / RS Unauthenticated Remote Code Execution
This Metasploit exploit module achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS). It leverages three different vulnerabilities depending on the user-selected target. The default target leverages CVE-2026-1731, a direct command...
Exploit for CVE-2026-1731
CVE-2026-1731 — BeyondTrust RS/PRA Passive Vulnerability Scann...
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execut...
Malicious code in pinyin-pra (npm)
Source: ossf-package-analysis (9b8720c87d902e268ccf6e9db13f00285998cf35b280a6851ef9c3c23b3f0d6b). The OpenSSF Package Analysis project identified 'pinyin-pra' @ 1.0.3 (npm) as malicious. It is considered malicious because: - The package...
Authentication flaw
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the...
CVE-2023-23632
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the...
CVE-2023-23632
BeyondTrust Privileged Remote Access (PRA) 22.2.x–22.4.x contains a local authentication bypass through a flawed secret verification in the BYOT shell jump sessions, enabling access to jump items by guessing the first character of the secret. Affected product: BeyondTrust PRA. Root cause: insecur...
CVE-2023-4310
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute...
CVE-2023-4310
BeyondTrust PRA and RS versions 23.2.1–23.2.2 contain a command-injection vulnerability exploitable via a malicious HTTP request. An unauthenticated remote attacker can execute arbitrary OS commands in the context of the site user. The issue is fixed in version 23.2.3. Remediation: upgrade to 23....
A vulnerability in the web server of the Bosch PRA-ES8P2S Ethernet switch allows attackers to escalate their privileges.
The vulnerability in the web server of the Bosch PRA-ES8P2S Ethernet switch is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to escalate their privileges remotely...
A vulnerability in the firmware of the Bosch PRA-ES8P2S Ethernet switch, related to deficiencies in access control, allows attackers to bypass existing security restrictions and elevate their privileges to the root level.
The vulnerability in the firmware of the Bosch PRA-ES8P2S Ethernet switch is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and elevate their privileges to the root level...
A vulnerability in the firmware diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch allows an attacker to execute arbitrary operating system commands.
The vulnerability in the firmware diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands using...
Bosch Ethernet switch PRA-ES8P2S Web service elevation of privilege vulnerability
Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany. The Bosch Ethernet switch PRA-ES8P2S Web service elevation of privilege vulnerability can be exploited by remote attackers to submit special requests that can elevate privileges to execute arbitrary commands in root context...
CVE-2022-32534
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...
CVE-2022-32535
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch...
CVE-2022-32536
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights...