Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348 contributed by jheysel-r7
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348
Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335, which is a Remote Code Execution (RCE) vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve RCE through Gremlin, resulting in complete control over the server.
Authors: Alvaro Muñoz alias pwntester (https://github.com/pwntester) and h00die-gr3y [email protected]
Type: Exploit
Pull request: #19347 contributed by h00die-gr3y
Path: linux/http/openmetadata_auth_bypass_rce
AttackerKB reference: CVE-2024-28254
Description: This module chains two vulnerabilities that exist in the OpenMetadata application. The first vulnerability, CVE-2024-28255, bypasses the API authentication using JWT tokens. It misuses the JwtFilter that checks the path of the URL endpoint against a list of excluded endpoints that does not require authentication. By chaining this vulnerability with CVE-2024-28254, that allows for arbitrary SpEL injection at the endpoint.
Authors: Michael Heinzl and rgod
Type: Exploit
Pull request: #19370 contributed by h4x-x0r
Path: windows/http/lg_simple_editor_rce_uploadvideo
CVE reference: ZDI-23-1208
Description: This adds an exploit module for CVE-2023-40504, a command injection vulnerability in LG Simple Editor application allowing the execution of arbitrary commands as NT AUTHORITY\SYSTEM
.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:
If you are a git
user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro