Last updated at Mon, 05 Feb 2024 18:58:17 GMT
Authentication bypass in Wordpress Plugin WooCommerce Payments
This week's Metasploit release includes a module for CVE-2023-28121
by h00die. This module can be used against any wordpress instance that uses WooCommerce payments < 5.6.1. This module exploits an auth by-pass vulnerability in the WooCommerce WordPress plugin. You can simply add a header to execute the bypass and use the API to create a new admin user in Wordpress.
New module content (3)
Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation
Authors: Julien Ahrens, Michael Mazzolini, and h00die
Type: Auxiliary
Pull request: #18164 contributed by h00die
AttackerKB reference: CVE-2023-28121
Description: This module exploits an auth by-pass vulnerability in the WooCommerce WordPress plugin. By sending a speciality crafted request to the plugin an attacker can by-pass authentication and then use the WordPress API to create an admin user in WordPress.
pfSense Restore RRD Data Command Injection
Author: Emir Polat
Type: Exploit
Pull request: #17861 contributed by emirpolatt
AttackerKB reference: CVE-2023-27253
Description: This module exploits a vulnerability in pfSense version 2.6.0 and below which allows for authenticated users to execute arbitrary operating systems commands as root.
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
Authors: 1F98D, Ismail E. Dawoodjee, and Soroush Dalili
Type: Exploit
Pull request: #18170 contributed by ismaildawoodjee
AttackerKB reference: CVE-2019-7214
Description: Adds a new module for SmarterMail Build 6985 - dotNET Deserialization Remote Code Execution (CVE-2019-7214). The vulnerability affects SmarterTools SmarterMail Version less than or equal to 16.3.6989.16341 (all legacy versions without a build number), or SmarterTools SmarterMail Build less than 6985.
Enhancements and features (0)
None
Bugs fixed (0)
None
Documentation added (2)
- #18177 from ismaildawoodjee - Updates the Wiki to use
https://metasploit.com/download
instead ofhttp://metasploit.com/download
. - #18181 from hahwul - Updates broken links in the Wiki.
You can always find more documentation on our docsite at docs.metasploit.com.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:
If you are a git
user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
binary installers (which also include the commercial edition).