Metasploit
Metasploit Weekly Wrap-Up: July 14, 2023
Authentication bypass in WordPress Plugin WooCommerce Payments
This week's Metasploit release includes a module for CVE-2023-28121 by h00die
[https://github.com/h00die]. This module can be used against any WordPress
instance that uses WooCommerce Payments < 5.6.1. This module exploits an
authentication bypass vulnerability in the WooCommerce WordPress plugin. You can
simply add a header to execute the bypass and use the API to create a new admin
user in WordPress.
New module content (3)
Wordpress Plugin
Metasploit Weekly Wrap-Up: 4/28/23
Scanner That Pulls Sensitive Information From Joomla Installations
This week's Metasploit release includes a module for CVE-2023-23752 by h00die
[https://github.com/h00die]. Did you know about the improper API access
vulnerability in Joomla installations, specifically Joomla versions between
4.0.0 and 4.2.7, inclusive? This vulnerability allows unauthenticated users to
access web service endpoints that contain sensitive information such as user
and config information. This module can be used to
Metasploit Weekly Wrap-Up: 2/10/23
Taking a stroll down memory lane (Tomcat Init Script Privilege Escalation)
Do you remember the issue with the Tomcat init script, originally discovered
by Dawid Golunski [https://twitter.com/dawid_golunski?lang=en] back in 2016, that
led to privilege escalation? This week's Metasploit release includes an exploit
module for CVE-2016-1240 by h00die [https://github.com/h00die]. This
vulnerability allows any local user who already has a tomcat account to perform
privilege escalation and gain acc
Metasploit Weekly Wrap-Up: 12/2/22
ProxyNotShell
This week's Metasploit release includes an exploit module for CVE-2022-41082,
AKA ProxyNotShell by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai
[https://github.com/orangetw], Piotr Bazydło
[https://mobile.twitter.com/chudypb], Rich Warren
[https://twitter.com/buffaloverflow], Soroush Dalili [https://twitter.com/irsdl],
and our very own Spencer McIntyre [https://github.com/zeroSteiner]. The
vulnerability CVE-2022-41082, AKA ProxyNotShell, is a deserialization flaw in
Microsoft Exchang
Metasploit Weekly Wrap-Up: 9/9/22
Authenticated command injection vulnerability of Cisco ASA-X with FirePOWER
Services:
jbaines-r7 [https://github.com/jbaines-r7] added a new module that exploits an
authenticated command injection vulnerability, CVE-2022-20828
[https://attackerkb.com/topics/wfvCFXXw2e/cve-2022-20828?referrer=blog], in Cisco
ASA-X with FirePOWER Services. This vulnerability affects all Cisco ASA
appliances that support the ASA FirePOWER module. Note that, although a patch has
been added to most recent ASA FirePOWER mod