Metasploit Wrap-up 06/06/25

Jun 7, 2025 12:00 am Cyber Security 224

ThinManager Path Traversal (CVE-2023-27855) Arbitrary File Upload


Authors: Michael Heinzl and Tenable
Type: Auxiliary
Pull request: #20138 contributed by h4x-x0r
Path: admin/networking/thinmanager_traversal_upload
AttackerKB reference: CVE-2023-2917


Description: Adds an auxiliary module that targets CVE-2023-27855, a path traversal vulnerability in ThinManager <= v13.0.1 to upload an arbitrary file to the target system as SYSTEM.


ThinManager Path Traversal (CVE-2023-2917) Arbitrary File Upload


Authors: Michael Heinzl and Tenable
Type: Auxiliary
Pull request: #20141 contributed by h4x-x0r
Path: admin/networking/thinmanager_traversal_upload2
AttackerKB reference: CVE-2023-2917


Description: Adds a module targeting CVE-2023-2917, a path traversal vulnerability in ThinManager <= v13.1.0, to upload an arbitrary file as system.


ThinManager Path Traversal (CVE-2023-27856) Arbitrary File Download


Authors: Michael Heinzl and Tenable
Type: Auxiliary
Pull request: #20139 contributed by h4x-x0r
Path: gather/thinmanager_traversal_download
AttackerKB reference: CVE-2023-27856


Description: Adds an auxiliary module targeting CVE-2023-27856, a path traversal vulnerability in ThinManager <= v13.0.1, to download an arbitrary file from the target system.


udev persistence


Author: Julien Voisin
Type: Exploit
Pull request: metasploit

Read The Rest from the original source
blog.rapid7.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!