The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.
Disclosed: February 27, 2018
This module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "stats" request is executed to check if an amplification attack is possible against a third party.
Disclosed: February 13, 2018
Exploit Eclipse Equinoxe OSGi (Open Service Gateway initiative) console 'fork' command to execute arbitrary commands on the remote system..
Disclosed: January 22, 2018
The HTTP server in AsusWRT has a flaw where it allows an unauthenticated client to perform a POST in certain cases. This can be combined with another vulnerability in the VPN configuration upload routine that sets NVRAM configuration variables directly from the POST request to enable a special command mode. This command m...
CloudMe Sync v1.10.9 Exploit
Disclosed: January 17, 2018
This module exploits a stack-based buffer overflow vulnerability in CloudMe Sync v1.10.9 client application. This module has been tested successfully on Windows 7 SP1 x86.
Disclosed: December 18, 2017
This module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
Disclosed: December 18, 2017
This module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions 3.1-3.5-RC7.
Disclosed: December 13, 2017
The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in version < 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.
Disclosed: December 12, 2017
This module exploits a command injection vulnerability discovered in Commvault Service v11 SP5 and earlier versions (tested in v11 SP5 and v10). The vulnerability exists in the cvd.exe service and allows an attacker to execute arbitrary commands in the context of the service. By default, the Commvault Communicatio...
Disclosed: November 29, 2017
This module exploits a serious flaw in MacOSX High Sierra. Any user can login with user "root", leaving an empty password.
Disclosed: November 21, 2017
This module exploits a Clickjacking vulnerability in pfSense <= 2.4.1. pfSense is a free and open source firewall and router. It was found that the pfSense WebGUI is vulnerable to Clickjacking. By tricking an authenticated admin into interacting with a specially crafted webpage it is possible for an attacker ...