Last updated at Fri, 08 Sep 2023 18:14:04 GMT
New module content (4)
Roundcube TimeZone Authenticated File Disclosure
Description: This PR adds a module to retrieve an arbitrary file on hosts running Roundcube versions from 1.1.0 through version 1.3.2.
Elasticsearch Memory Disclosure
Description: Adds an aux scanner module which exploits a memory disclosure vulnerability within Elasticsearch 7.10.0 to 7.13.3 (inclusive) by submitting a malformed query that generates an error message containing previously used portions of a data buffer. The disclosed memory could contain sensitive information such as Elasticsearch documents or authentication details.
QueueJumper - MSMQ RCE Check
Authors: Bastian Kanbach, Haifei Li, and Wayne Low
Pull request: #18281 contributed by bka-dev
AttackerKB reference: CVE-2023-21554
Description: This PR adds a module that detects Windows hosts that are vulnerable to Microsoft Message Queuing Remote Code Execution aka QueueJumper.
SolarView Compact unauthenticated remote command execution vulnerability.
Description: This PR adds a module which exploits a vulnerability that allows remote code execution on a vulnerable SolarView Compact device by bypassing internal restrictions through the vulnerable endpoint downloader.php using the file parameter. Firmware versions up to v6.33 are vulnerable.
Enhancements and features (2)
- #18179 from jvoisin - This improves the windows checkvm post module by adding new techniques to identify the hypervisor in which the session is running.
- #18190 from jvoisin - This improves the linux checkvm post module by adding new techniques to identify the hypervisor in which the session is running.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a
git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
binary installers (which also include the commercial edition).