Last updated at Mon, 24 Apr 2023 22:08:24 GMT
Cisco RV Series Auth Bypass and Command Injection
Thanks to community contributor neterum, Metasploit Framework just gained an awesome new module that targets Cisco Small Business RV Series Routers. The module chains two vulnerabilities, an authentication bypass (CVE-2022-20705) and a command injection (CVE-2022-20707), to achieve code execution in the context of the www-data user.
New module content (2)
Cisco RV Series Authentication Bypass and Command Injection
Authors: Biem Pham, Neterum, and jbaines-r7
Pull request: #17599 contributed by neterum
AttackerKB reference: CVE-2022-20707
Description: An exploit for Cisco RV160, RV260, RV340 and RV345 Small Business Routers prior to firmware version 1.0.03.26 has been added. It exploits CVE-2022-20705, an authentication bypass, and CVE-2022-20707, a command injection vulnerability, to achieve unauthenticated remote code execution as the www-data user on affected devices.
GitLab GitHub Repo Import Deserialization RCE
Authors: Heyder Andrade, RedWay Security, and William Bowling (vakzz)
Pull request: #17281 contributed by heyder
AttackerKB reference: CVE-2022-2992
Description: This adds an exploit for CVE-2022-2992, an authenticated remote command execution vulnerability in GitLab.
Enhancements and features (1)
- #17594 from zeroSteiner - The DLL template code has been updated so that tools such as msfvenom can use DLL templates with payloads larger than 4096 bytes, such as unstaged payloads. Note that this update only applies to the default DLL templates that Metasploit provides, and not to external DLL templates, which are restricted to 4096 bytes at this time.
Bugs fixed (1)
- #17645 from adfoster-r7 - Fixes a bug that caused warnings to be output on Arch Linux environments when starting msfconsole.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).