Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.1 MSF:AUXILIARY-SCANNER-

SimpleHelp Path Traversal Vulnerability CVE-2024-57727_MSF:AUXILIARY-SCANNER-HTTP-SIMPLEHELP_TOOLBOX_PATH_TRAVERSAL-

There exists a path traversal vulnerability in the /toolbox-resource endpoint that enables unauthenticated ...

N/A N/A METASPLOIT
NONE MSF:AUXILIARY-SCANNER-

SonicWall HTTP Login Scanner_MSF:AUXILIARY-SCANNER-SONICWALL-SONICWALL_LOGIN-

This module adds HTTP Login scanning for SonicWall NSv. It allows scanning both admin and user accounts. Module Options msf > use auxiliary/scan...

N/A N/A METASPLOIT
NONE MSF:AUXILIARY-SERVER-

Microsoft Windows SMB to LDAP Relay_MSF:AUXILIARY-SERVER-RELAY-SMB_TO_LDAP-

This module supports running an SMB server which validates credentials, and then attempts to execute a relay attack against an LDAP serve...

N/A N/A METASPLOIT
CRITICAL 9.8 MSF:EXPLOIT-LINUX-

Appsmith RCE_MSF:EXPLOIT-LINUX-HTTP-APPSMITH_RCE_CVE_2024_55964-

An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. Module ...

N/A N/A METASPLOIT
CRITICAL 9.8 MSF:EXPLOIT-LINUX-

InvoiceShelf unauthenticated PHP Deserialization Vulnerability_MSF:EXPLOIT-LINUX-HTTP-INVOICESHELF_UNAUTH_RCE_CVE_2024_55556-

InvoiceShelf is an open-source web & mobile app that helps you track expenses, payments, create professional invoices & estimates...

N/A N/A METASPLOIT
CRITICAL 9.8 MSF:EXPLOIT-LINUX-

BentoML RCE_MSF:EXPLOIT-LINUX-HTTP-BENTOML_RCE_CVE_2025_27520-

A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in v1.4.2 of BentoML. ...

N/A N/A METASPLOIT
HIGH 8.8 MSF:EXPLOIT-LINUX-

Eramba (up to 3.19.1) Authenticated Remote Code Execution Module_MSF:EXPLOIT-LINUX-HTTP-ERAMBA_RCE-

This module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server ...

N/A N/A METASPLOIT
CRITICAL 9.8 MSF:EXPLOIT-LINUX-

D-Tale RCE_MSF:EXPLOIT-LINUX-HTTP-DTALE_RCE_CVE_2025_0655-

This exploit effectively serves as a bypass for CVE-2024-3408. An attacker can override global state to enable custom...

N/A N/A METASPLOIT
HIGH 8.8 MSF:EXPLOIT-LINUX-

Invoice Ninja unauthenticated PHP Deserialization Vulnerability_MSF:EXPLOIT-LINUX-HTTP-INVOICENINJA_UNAUTH_RCE_CVE_2024_55555-

Invoice Ninja is a free invoicing software for small businesses, based on the PHP framework Laravel. A Remote Code Execution vulnerabilit...

N/A N/A METASPLOIT
CRITICAL 10 MSF:EXPLOIT-LINUX-

RaspberryMatic unauthenticated Remote Code Execution vulnerability through HMServer File Upload._MSF:EXPLOIT-LINUX-HTTP-RASPBERRYMATIC_UNAUTH_RCE_CVE_2024_24578-

RaspberryMatic / OCCU contains an unauthenticated remote code execution (RCE) vulnerability, caused by multiple issues within the Java...

N/A N/A METASPLOIT