| Category | Details |
|---|---|
| New Modules (9) | – WordPress POST SMTP Account Takeover: Exploits type juggling issue to reset user passwords (CVE-2023-6875). – X11 Keylogger: Captures keypresses from open X servers (CVE-1999-0526). – Chamilo v1.11.24 Unrestricted File Upload: Remote webshell upload via bigload.php endpoint (CVE-2023-4220).– Ivanti Connect Secure RCE: CRLF injection for RCE with admin credentials (CVE-2024-37404). – vCenter Sudo Privilege Escalation: Exploits sudo misconfigurations to gain root (CVE-2024-37081). – Asterisk AMI Originate RCE: Authenticated RCE using Asterisk Manager Interface (CVE-2024-42365). – Fortinet FortiManager RCE: Exploits missing authentication for unauthenticated RCE (CVE-2024-47575). – Acronis Cyber Protect RCE: Exploits excessive privileges for RCE (CVE-2022-3405). – Windows Local Privilege Escalation: Exploits access mode mismatch in ks.sys for SYSTEM privileges (CVE-2024-35250). |
| Enhancements and Features (1) | – Improved fingerprinting logic for TeamCity login module. |
| Documentation Update (1) | – Added instructions for Metasploit development environment installation on Windows using PowerShell. |
| How to Update | – Use msfupdate to get the latest Metasploit Framework updates.– Fresh installations available via open-source Nightly Installers or Metasploit Pro. |
Read full article: https://www.rapid7.com/blog/post/2024/12/06/metasploit-weekly-wrap-up-44/
Disclaimer: The above summary has been generated by an AI language model
Leave a Reply