Metasploit Weekly Wrap-Up 02/21/2025

Feb 22, 2025 12:00 am Cyber Security 39
Metasploit Weekly Wrap-Up 02/21/2025

BeyondTrust exploit + fetch payload updates


This Metasploit release includes an exploit module that chains two vulnerabilities, one exploited in the wild by APT groups and another one, a 0-day discovered by Rapid7 during the vulnerability analysis. This week's release also includes a significant enhancement to Metasploit's fetch payloads, which now support PPC, MIPS and ARM architectures. This allows the payloads to be used in exploits that commonly target embedded systems.


New module content (3)


BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated remote code execution


Author: sfewer-r7
Type: Exploit
Pull request: #19877 contributed by sfewer-r7
Path: linux/http/beyondtrust_pra_rs_unauth_rce
AttackerKB reference: CVE-2025-1094


Description: The module exploits two vulnerabilities: CVE-2024-12356, an argument injection issue in BeyondTrust RS and PRA; and CVE-2025-1094, a Rapid7-discovered SQL injection flaw in PostgreSQL.


InvokeAI remote code execution


Authors: Takahiro Yokoyama and jackfromeast
Type: Exploit
Pull request: #19883 contributed by Takahiro-Yoko
Path: linux/http/invokeai_rce_cve_2024_12029
AttackerKB reference: CVE-2024-12029


Description: This adds an exploit module for InvokeAI unauth RCE (CVE-2024-12029).


Fetch payload update


Authors: Adam Cammack adam_cammack@rapid7.com, Brendan Watters, and Spencer McIntyre
Type: Payload
Pull request: #19850
Support the originator by clicking the read the rest link below.

metasploit weekly
Read The Rest from the original source
blog.rapid7.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!