metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	MSF:EXPLOIT-MULTI-	Template Injection Vulnerability in Sawtooth Software’s Lighthouse Studio (CVE-2025-34300)_MSF:EXPLOIT-MULTI-HTTP-LIGHTHOUSE_STUDIO_UNAUTH_RCE_CVE_2025_34300- This module exploits a template injection vulnerability in the Sawtooth Software Lighthouse Studio's ciwweb.pl web application. ...	N/A	N/A	Sep 9, 2025	METASPLOIT
CRITICAL 9.3	MSF:EXPLOIT-LINUX-	Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with ...	N/A	N/A	Sep 4, 2025	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	Bash Profile Persistence_MSF:EXPLOIT-LINUX-PERSISTENCE-BASH_PROFILE- This module writes an execution trigger to the target's Bash profile. The execution trigger executes a call back payload whenever th...	N/A	N/A	Sep 2, 2025	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	Remote Code Execution Vulnerability in XWiki Platform (CVE-2025-24893)_MSF:EXPLOIT-MULTI-HTTP-XWIKI_UNAUTH_RCE_CVE_2025_24893- This module exploits a template injection vulnerability in the the XWiki Platform. XWiki includes a macro...	N/A	N/A	Sep 1, 2025	METASPLOIT
MEDIUM 6.5	MSF:AUXILIARY-SCANNER-	Pretalx Arbitrary File Read/Limited File Write_MSF:AUXILIARY-SCANNER-HTTP-PRETALX_FILE_READ_CVE_2023_28459- This module exploits functionality in Pretalx that export conference schedule as zipped file. The Pretalx...	N/A	N/A	Aug 28, 2025	METASPLOIT
MEDIUM 4.3	MSF:EXPLOIT-LINUX-	Pretalx Limited File Write to Remote Code Execution_MSF:EXPLOIT-LINUX-HTTP-PRETALX_RCE_CVE_2023_28458- This module exploits CVE-2023-28458, a limited file write in Pretalx, up to...	N/A	N/A	Aug 28, 2025	METASPLOIT
NONE	MSF:EXPLOIT-OSX-	Remote for Mac 2025.6 Unauthenticated UDP Keyboard RCE_MSF:EXPLOIT-OSX-MISC-REMOTE_FOR_MAC_UDP_RCE- This module exploits an unauthenticated remote code execution vulnerability in Remote for Mac 2025.6. When the "Allow...	N/A	N/A	Aug 28, 2025	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-ADMIN-	mySCADA myPRO Manager Credential Harvester (CVE-2025-24865 and CVE-2025-22896)_MSF:AUXILIARY-ADMIN-SCADA-MYPRO_MGR_CREDS- Credential Harvester in MyPRO Manager <= v1.3 from mySCADA. The product suffers from...	N/A	N/A	Aug 29, 2025	METASPLOIT
NONE	MSF:AUXILIARY-ADMIN-	Get NAA Credentials_MSF:AUXILIARY-ADMIN-SCCM-GET_NAA_CREDENTIALS- This module attempts to retrieve the Network Access Account(s), if configured, from the SCCM server. ...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-SCANNER-	NetAlertX File Read Vulnerability_MSF:AUXILIARY-SCANNER-HTTP-NETALERTX_FILE_READ- This module exploits improper authentication in logs.php endpoint. An unathenticated attacker can request log...	N/A	N/A	Aug 29, 2025	METASPLOIT