Last updated at Fri, 04 Oct 2024 14:31:24 GMT

New module content (3)

Magento XXE Unserialize Arbitrary File Read

Authors: Heyder and Sergey Temnikov
Type: Auxiliary
Pull request: #19304 contributed by heyder
Path: gather/magento_xxe_cve_2024_34102
AttackerKB reference: CVE-2024-34102

Description: This adds an auxiliary module for an XXE vulnerability in Magento, tracked as CVE-2024-34102, that results in an arbitrary file read.

Ghostscript Command Execution via Format String

Authors: Christophe De La Fuente and Thomas Rinsma
Type: Exploit
Pull request: #19313 contributed by cdelafuente-r7
Path: multi/fileformat/ghostscript_format_string_cve_2024_29510
AttackerKB reference: CVE-2024-29510

Description: This adds an exploit module targeting CVE-2024-29510, a format string vulnerability in Ghostscript versions before 10.03.1, which it uses to achieve a SAFER sandbox bypass and execute arbitrary commands.

Softing Secure Integration Server v1.22 Remote Code Execution

Authors: Chris Anastasio (muffin) of Incite Team, Imran E. Dawoodjee <imrandawoodjee.infosec@gmail.com>, and Steven Seeley (mr_me) of Incite Team
Type: Exploit
Pull request: #19084 contributed by ide0x90
Path: windows/http/softing_sis_rce
CVE reference: ZDI-22-1156

Description: This adds a module that chains CVE-2022-1373 and CVE-2022-2334 as an exploit against Softing Secure Integration Server 1.22.

Enhancements and features (2)

  • #19338 from adfoster-r7 - Improves error handling and progress tracking in the auxiliary/gather/kerberos_enumusers and gather/asrep modules.
  • #19340 from adfoster-r7 - Improves setg SessionLogging support so that it works with command shells and allows logging to be turned on or off at any point, not just for newly created sessions.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro.
