Metasploit Wrap-Up 09/26/2025

Last updated on Sep 26, 2025

New module content (2)

Cron Persistence

Author: h00die

Type: Exploit

Pull request: #20508 contributed by h00die 

Path: multi/persistence/cron

Description: Update cron persistence to use the new mixin.

FreePBX ajax.php authenticated SQLi to RCE

Authors: Echo_Slow, Piotr Bazydlo, and Sonny

Type: Exploit

Pull request: #20559 contributed by EchoSl0w 

Path: unix/http/freepbx_unauth_sqli_to_rce 

AttackerKB reference: CVE-2025-57819

Description: This adds a new module for SQLi in FreePBX (CVE-2025-57819). The module will utilize SQL injection to insert a new item into the cron_jobs table, thereby achieving remote code execution.

Enhancements and features (3)

  • #20508 from h00die - Update cron persistence to use the new mixin.
  • #20524 from h00die - This updates the yum_package_manager_persistence module to use the new persistence mixin.
  • #20533 from cdelafuente-r7 - This adds references to relevant module content for MITRE ATT&CK technique T1003 and sub-techniques, enabling users to quickly identify module content to emulate a particular attack.

Bugs fixed (5)

  • #20512 from cdelafuente-r7 - Bump bson version to 5.1.1 and ed25519 to 1.4.0 so that they work with the latest gcc and Ruby 3.2.8.
  • #20553 from BenoitDePaoli - This fixes a bug that was preventing the private type of stored credentials from being omitted in certain conditions.
  • #20557 from jeffmcjunkin - Multi-value RHOSTS were crashing with an ActiveRecord/PostgreSQL error when reporting exploit failures. This resolves the issue by verifying whether RHOSTS is a valid IP address.
  • #20561 from cgranleese-r7 - Fixes a crash when running modules that reported notes with no data present, such as the admin/mssql/mssql_enum and scanner/http/wordpress_scanner modules.
  • #20562 from uhei - Fixes a regex to properly handle an inconsistency in the syntax of the WebLogic Server version string depending on the version release.

Documentation added (1)

  • #20540 from Chocapikk - Adds more tips to the common tips file to be displayed at start or when a user runs tip in the framework UI.

You can always find more documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.
