National Cyber Warfare Foundation (NCWF)

Metasploit Weekly Wrap-up 11/29/2024


2024-11-29 18:21:19
milo

Four new Metasploit modules released, including CUPS IPP Attributes LAN Remote Code Execution CVE-2024-47176

New module content (4)


Acronis Cyber Protect/Backup machine info disclosure



Authors: Sandro Tolksdorf of usd AG and h00die-gr3y

Type: Auxiliary

Pull request: #19582 contributed by h00die-gr3y

Path: gather/acronis_cyber_protect_machine_info_disclosure

AttackerKB reference: CVE-2022-3405


Description: Adds an auxiliary module that exploits a sensitive information disclosure caused by an improper authentication vulnerability in Acronis Cyber Protect 15 before build 29486 and Acronis Cyber Backup 12.5 before build 16545.


Strapi CMS Unauthenticated Password Reset


Authors: WackyH4cker and h00die

Type: Auxiliary

Pull request: #19654 contributed by h00die

Path: scanner/http/strapi_3_password_reset

AttackerKB reference: CVE-2019-18818


Description: Adds a module that lets you leverage the mishandling of a password reset request for Strapi CMS version 3.0.0-beta.17.4, which results in the ability to change the password of the admin user.


ProjectSend r1295 - r1605 Unauthenticated Remote Code Execution


Authors: Florent Sicchio, Hugo Clout, and ostrichgolf

Type: Exploit

Pull request: #19531 contributed by ostrichgolf

Path: linux/http/projectsend_unauth_rce


Description: Adds a new exploit module targeting ProjectSend versions r1335 through r1605. The module exploits an improper authorization vulnerability, allowing unauthenticated RCE by manipulating the application's configuration settings.


CUPS IPP Attributes LAN Remote Code Execution


Authors: David Batley, RageLtMan rageltman@sempervictus, Rick de Jager, Ryan Emmons, Simone Margaritelli, and Spencer McIntyre

Type: Exploit

Pull request: #19630 contributed by remmons-r7

Path: multi/misc/cups_ipp_remote_code_execution

AttackerKB reference: CVE-2024-47176


Description: This adds an exploit for CUPS, where a remote attacker can advertise a malicious printing service that, when used, will execute a command on the printing client.


Enhancements and features (2)



  • #19651 from smashery - This updates the smb_version module to detect the host OS version when SMB 1 is disabled.

  • #19678 from smashery - This adds a new LDAP query to enumerate computer accounts that were created with the "pre-Windows 2000 computer" option, which might mean they have weak passwords.


Bugs fixed (0)


None


Documentation


You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.


Get it


As always, you can update to the latest Metasploit Framework with msfupdate, and you can get more details on the changes since the last blog post from GitHub:



If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.

To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.




Source: Rapid7
Source Link: https://blog.rapid7.com/2024/11/29/metasploit-weekly-wrapup-11-29-2024/

