Metasploit Weekly Wrap-Up: 08/16/2024

Metasploit Weekly Wrap-Up 08/16/2024

Last updated at Fri, 16 Aug 2024 18:43:42 GMT

New module content (3)

Apache HugeGraph Gremlin RCE

Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348 contributed by jheysel-r7
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348

Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335, which is a Remote Code Execution (RCE) vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve RCE through Gremlin, resulting in complete control over the server.

OpenMetadata authentication bypass and SpEL injection exploit chain

Authors: Alvaro Muñoz alias pwntester (https://github.com/pwntester) and h00die-gr3y h00die.gr3y@gmail.com
Type: Exploit
Pull request: #19347 contributed by h00die-gr3y
Path: linux/http/openmetadata_auth_bypass_rce
AttackerKB reference: CVE-2024-28254

Description: This module chains two vulnerabilities that exist in the OpenMetadata application. The first vulnerability, CVE-2024-28255, bypasses the API authentication using JWT tokens. It misuses the JwtFilter that checks the path of the URL endpoint against a list of excluded endpoints that does not require authentication. By chaining this vulnerability with CVE-2024-28254, that allows for arbitrary SpEL injection at the endpoint.

LG Simple Editor Command Injection (CVE-2023-40504)

Authors: Michael Heinzl and rgod
Type: Exploit
Pull request: #19370 contributed by h4x-x0r
Path: windows/http/lg_simple_editor_rce_uploadvideo
CVE reference: ZDI-23-1208

Description: This adds an exploit module for CVE-2023-40504, a command injection vulnerability in LG Simple Editor application allowing the execution of arbitrary commands as NT AUTHORITY\SYSTEM.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro

Metasploit Weekly Wrap-Up 08/16/2024

New module content (3)

Apache HugeGraph Gremlin RCE

OpenMetadata authentication bypass and SpEL injection exploit chain

LG Simple Editor Command Injection (CVE-2023-40504)

Documentation

Get it

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Metasploit Weekly Wrap-Up 08/16/2024

New module content (3)

Apache HugeGraph Gremlin RCE

OpenMetadata authentication bypass and SpEL injection exploit chain

LG Simple Editor Command Injection (CVE-2023-40504)

Documentation

Get it

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Related Posts

Related Posts

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Never miss a blog