Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researchers and penetration testers to review. More than 3,000 modules are available, with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.


Displaying module details 191 - 200 of 3743 in total

VMware VDP Known SSH Key Exploit

Disclosed: December 20, 2016

VMware vSphere Data Protection appliances 5.5.x through 6.1.x contain a known SSH private key for the local user admin, who is a sudoer without a password.

NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow Exploit

Disclosed: December 20, 2016

The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an unauthenticated attacke...

Netgear R7000 and R6400 cgi-bin Command Injection Exploit

Disclosed: December 06, 2016

This module exploits an arbitrary command injection vulnerability in Netgear R7000 and R6400 router firmware version 1.0.7.2_1.1.93 and possibly earlier.

DiskBoss Enterprise GET Buffer Overflow Exploit

Disclosed: December 05, 2016

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP3 and Win...

DiskSavvy Enterprise GET Buffer Overflow Exploit

Disclosed: December 01, 2016

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

Firefox nsSMILTimeContainer::NotifyTimeChange() RCE Exploit

Disclosed: November 30, 2016

This module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.

Jenkins CLI HTTP Java Deserialization Vulnerability Exploit

Disclosed: November 16, 2016

This module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists in Jenkins, which allows arbitrary remote code execution via HTTP. Authentication is not required to exploit this vulnerability.

Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 Exploit

Disclosed: November 07, 2016

Broadband DSL modems manufactured by Zyxel and distributed by some European ISPs are vulnerable to command injection when setting the 'NewNTPServer' value using the TR-064 SOAP-based configuration protocol. In the tested case, no authentication is required to set this value on affected DSL modems. ...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow Exploit

Disclosed: November 07, 2016

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This exploit has been ...

WinaXe 7.7 FTP Client Remote Buffer Overflow Exploit

Disclosed: November 03, 2016

This module exploits a buffer overflow in the WinaXe 7.7 FTP client. This issue is triggered when a client connects to the server and is expecting the Server Ready response.