Metasploit Wrap-Up 01/10/2025

Metasploit Wrap-Up 01/10/2025

New module content (4)


GameOver(lay) Privilege Escalation and Container Escape


Authors: bwatters-r7, g1vi, gardnerapp, and h00die
Type: Exploit
Pull request: #19460 contributed by gardnerapp
Path: linux/local/gameoverlay_privesc
AttackerKB reference: CVE-2023-2640


Description: Adds a module for CVE-2023-2640 and CVE-2023-32629, a local privilege escalation in some Ubuntu kernel versions by abusing overly-trusting OverlayFS features.


Clinic's Patient Management System 1.0 - Unauthenticated RCE


Authors: Aaryan Golatkar and Oğulcan Hami Gül
Type: Exploit
Pull request: #19733 contributed by aaryan-11-x
Path: multi/http/clinic_pms_fileupload_rce
AttackerKB reference: CVE-2022-40471


Description: New exploit module for Clinic's Patient Management System 1.0, also dubbed as CVE-2022-40471. The module exploits unrestricted file upload, which can be further used to get remote code execution (RCE) through a malicious PHP file.


WordPress WP Time Capsule Arbitrary File Upload to RCE


Authors: Rein Daelman and Valentin Lobstein
Type: Exploit
Pull request: #19713 contributed by Chocapikk
Path: multi/http/wp_time_capsule_file_upload_rce
AttackerKB reference: CVE-2024-8856


Description: This exploits a Remote Code Execution (RCE) vulnerability identified as CVE-2024-8856 in the WordPress WP Time Capsule plugin (versions ≤ 1.22.21). This vulnerability allows unauthenticated attackers to upload and exec ..

Support the originator by clicking the read the rest link below.