module
Erlang OTP Pre-Auth RCE Scanner and Exploit
| Disclosed | Created |
|---|---|
| Apr 16, 2025 | May 2, 2025 |
Disclosed
Apr 16, 2025
Created
May 2, 2025
Description
This module detect and exploits CVE-2025-32433, a pre-authentication vulnerability in Erlang-based SSH
servers that allows remote command execution. By sending crafted SSH packets, it executes a payload to
establish a reverse shell on the target system.
The exploit leverages a flaw in the SSH protocol handling to execute commands via the Erlang `os:cmd`
function without requiring authentication.
servers that allows remote command execution. By sending crafted SSH packets, it executes a payload to
establish a reverse shell on the target system.
The exploit leverages a flaw in the SSH protocol handling to execute commands via the Erlang `os:cmd`
function without requiring authentication.
Authors
Horizon3 Attack Team
Matt Keeley
Martin Kristiansen
mekhalleh (RAMELLA Sebastien)
Matt Keeley
Martin Kristiansen
mekhalleh (RAMELLA Sebastien)
Platform
Linux,Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.