metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MSF:POST-LINUX-	Tenable Security Center_MSF:POST-LINUX-GATHER-TENABLE_SECURITY_CENTER- This module collects credentials and setup information from Tenable Security Center. root or TNS user permissions are required. We don't utilize SC...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	HUSTOJ Admin users can zip-slip problem_import_qduoj.php, planting PHP files in webroot for RCE_MSF:EXPLOIT-LINUX-HTTP-HUSTOJ_PROBLEM_IMPORT_RCE- A user with administrative privileges can abuse the problemimportqduoj.php CGI script using a crafted zip file zip-slip to traverse backwards throu...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-ADMIN-	Cisco Catalyst SD-WAN Controller vHub Authentication Bypass_MSF:AUXILIARY-ADMIN-NETWORKING-CISCO_SDWAN_VHUB_AUTH_BYPASS- This module exploits an authentication bypass vulnerability CVE-2026-20182 in the Cisco Catalyst SD-WAN Controller. The vdaemon DTLS control-plane ...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	GestioIP 3.5.7 Remote Command Execution_MSF:EXPLOIT-MULTI-HTTP-GESTIOIP_RCE- This module exploits a command execution via file upload. If GestioIP is configured to use no authentication for admin account, no password is requ...	N/A	N/A	May 14, 2026	METASPLOIT
HIGH 8.8	MSF:EXPLOIT-UNIX-	Dolibarr ERP/CRM Authenticated Code Injection_MSF:EXPLOIT-UNIX-HTTP-DOLIBARR_CMS_RCE_CVE_2023_30253- Dolibarr ERP/CRM before 17.0.1 allows remote code execution by an authenticated user who has access to the Website module. The application filters ...	N/A	N/A	May 14, 2026	METASPLOIT
CRITICAL 9.4	MSF:AUXILIARY-GATHER-	Marvell QConvergeConsole Path Traversal (CVE-2025-6793)_MSF:AUXILIARY-GATHER-QCONVERGECONSOLE_TRAVERSAL- This module exploits a path traversal vulnerability CVE-2025-6793 in Marvell QConvergeConsole use auxiliary/gather/qconvergeconsoletraversal msf au...	N/A	N/A	May 11, 2026	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	VIM Plugin Persistence_MSF:EXPLOIT-LINUX-PERSISTENCE-VIM_PLUGIN- This module creates a VIM Plugin which executes a payload on VIM startup. Module Options msf use exploit/linux/persistence/vimplugin msf exploitvim...	N/A	N/A	May 8, 2026	METASPLOIT
NONE	MSF:AUXILIARY-SCANNER-	Anonymous FTP Access Detection_MSF:AUXILIARY-SCANNER-FTP-FTP_ANONYMOUS- Detect anonymous read/write FTP service access. Module Options msf use auxiliary/scanner/ftp/ftpanonymous msf auxiliaryftpanonymous show actions .....	N/A	N/A	May 6, 2026	METASPLOIT
NONE	MSF:PAYLOAD-CMD-	HTTP Fetch, Linux Execute Command_MSF:PAYLOAD-CMD-LINUX-HTTP-AARCH64-EXEC- Fetch and execute an AARCH64 payload from an HTTP server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/l...	N/A	N/A	May 1, 2026	METASPLOIT
HIGH 7.8	MSF:EXPLOIT-LINUX-	Copy Fail AF_ALG + authencesn Page-Cache Write_MSF:EXPLOIT-LINUX-LOCAL-CVE_2026_31431_COPY_FAIL- CVE-2026-31431 is a logic flaw in the Linux kernel's authencesn AEAD template that, when reached via the AFALG socket interface combined with splic...	N/A	N/A	May 1, 2026	METASPLOIT