Windows LPE - Cloud File Mini Filer Driver Heap Overflow
This Metasploit release includes an exploit module for CVE-2024-30085, an LPE in cldflt.sys which is known as the Windows Cloud Files Mini Filer Driver. This driver allows users to manage and sync files between a remote server and a local client. The exploit module allows users with an existing session on an affected Windows device to seamlessly escalate their privileges to NT AUTHORITYSYSTEM. This module has been tested on Windows workstation versions 10_1809 through 11_23H2 and Windows server versions 2022 to 22_23H2.
New module content (3)
GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi
Authors: jheysel-r7 and rz
Type: Auxiliary
Pull request: #19974 contributed by jheysel-r7
Path: gather/glpi_inventory_plugin_unauth_sqli
AttackerKB reference: CVE-2025-24799
Description: This adds an auxiliary module for an Unauth Blind Boolean SQLi (CVE-2025-24799) vulnerability in GLPI <= 1.0.18 when the Inventory Plugin is installed and enabled.
Eramba (up to 3.19.1) Authenticated Remote Code Execution Module
Authors: Niklas Rubel, Sergey Makarov, Stefan Pietsch, Trovent Security GmbH, and msutovsky-r7
Type: Exploit
Pull request: #19957 contributed by msutovsky-r7
Path: linux/http/eramba_rce
AttackerKB reference: CVE-2023-36255
Description: This adds an exploit for CVE-2023-36255 which is an authenticated command injection vulnerability in Eramba.
Windows Cloud File Mini Filer Driver Heap Overflow
Authors: Alex Birnberg, bwatters-r7, and ssd-disclosure
Type: Exploit
Pull request: < ..
Support the originator by clicking the read the rest link below.
