| Category | Details |
|---|---|
| New Modules (9) | - WordPress POST SMTP Account Takeover: Exploits type juggling issue to reset user passwords (CVE-2023-6875). - X11 Keylogger: Captures keypresses from open X servers (CVE-1999-0526). - Chamilo v1.11.24 Unrestricted File Upload: Remote webshell upload via bigload.php endpoint (CVE-2023-4220).- Ivanti Connect Secure RCE: CRLF injection for RCE with admin credentials (CVE-2024-37404). - vCenter Sudo Privilege Escalation: Exploits sudo misconfigurations to gain root (CVE-2024-37081). - Asterisk AMI Originate RCE: Authenticated RCE using Asterisk Manager Interface (CVE-2024-42365). - Fortinet FortiManager RCE: Exploits missing authentication for unauthenticated RCE (CVE-2024-47575). - Acronis Cyber Protect RCE: Exploits excessive privileges for RCE (CVE-2022-3405). - Windows Local Privilege Escalation: Exploits access mode mismatch in ks.sys for SYSTEM privileges (CVE-2024-35250). |
| Enhancements and Features (1) | - Improved fingerprinting logic for TeamCity login module. |
| Documentation Update (1) | - Added instructions for Metasploit development environment installation on Windows using PowerShell. |
| How to Update | - Use msfupdate to get the latest Metasploit Framework updates.- Fresh installations available via open-source Nightly Installers or Metasploit Pro. |
Read full article: https://www.rapid7.com/blog/post/2024/12/06/metasploit-weekly-wrap-up-44/
Disclaimer: The above summary has been generated by an AI language model
Leave a Reply