1826 matches found
Metasploit Wrap-Up 12/05/2025
Twonky Auth Bypass, RCEs and RISC-V Reverse Shell Payloads This was another fantastic week in terms of PR contribution to the Metasploit Framework. Rapid7’s very own Ryan Emmons recently disclosed CVE-2025-13315 and CVE-2025-13316 which exist in Twonky Server and allow decrypting admin credential...
Exploit for CVE-2025-55182
CVE-2025-55182 – React2Shell RCE Summary Remote Code Exec...
Exploit for CVE-2025-55182
⚠️ Warning: Used only for authorization security testing. Pleas...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
F5 BIG-IP CVE-2023-46747 - Unauthenticated RCE + Auto Reverse...
Exploit for Code Injection in Samba
CVE-2017-7494 Remote root exploit for the SAMBA CVE-2017-7494...
PT-2025-47956
Rooting Tesla's Linux-based infotainment system typically involves exploiting software vulnerabilities, like improper access controls in diagnostic interfaces e.g., CVE-2022-42008. Enthusiasts connect via Ethernet ports, use tools to gain a reverse shell, and set up persistence by modifying...
Exploit for Use of Uninitialized Resource in Microsoft
Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...
Exploit for CVE-2025-34299
Monsta FTP CVE-2025-34299 Exploit Python exploit for the RCE...
Malicious code in pam98wyfupa98w (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
MAL-2025-191810 Malicious code in pam98wyfupa98w (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
MAL-2025-191710 Malicious code in d1n0-exploit-aaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Malicious code in d1n0-exploit-aaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Malicious code in d1n0exploitaaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ecd01d9010a3e9192c6636d4ddefa1e493438b1bbf65002e8daf6a014067692 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
MAL-2025-191711 Malicious code in d1n0exploitaaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ecd01d9010a3e9192c6636d4ddefa1e493438b1bbf65002e8daf6a014067692 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Exploit for Code Injection in Xwiki
CVE-2025-24893-PoC XWiki Unauthenticated RCE Exploit for Reve...
Exploit for Deserialization of Untrusted Data in Microsoft
WSUS-CVE-2025-59287-RCE CVE-2025-59287 is a critical CVSS...
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2025-59287-WSUS powershell version of hawktrace POC exploi...
Exploit for CVE-2025-59287
CVE-2025-59287 WSUS RCE Exploit Automated exploit for Windows...
Exploit for Type Confusion in Adobe Acrobat_Dc
Kibana ⚠️ Disclaimer: This script is for educationa...
CVE-2025-61303
Hatching Triage Sandbox Windows 10 build 2004 2025-08-14 and Windows 10 LTSC 20212025-08-14 contains a vulnerability in its Windows behavioral analysis engine that allows a submitted malware sample to evade detection and cause denial-of-analysis. The vulnerability is triggered when a sample...