Metasploit Weekly Wrap-Up 08/16/2024
Description

New module content (3)

Apache HugeGraph Gremlin RCE
Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348 contributed by jheysel-r7
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348
Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335, a Remote Code Execution (RCE) vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve RCE through Gremlin, resulting in complete control over the server.

OpenMetadata authentication bypass and SpEL injection exploit chain
Authors: Alvaro Muñoz alias pwntester (https://github.com/pwntester) and h00die-gr3y [email protected]
Type: Exploit
Pull request: #19347 contributed by h00die-gr3y
Path: linux/http/openmetadata_auth_bypass_rce
AttackerKB reference: CVE-2024-28254
Description: This module chains two vulnerabilities that exist in the OpenMetadata application. The first vulnerability, CVE-2024-28255, bypasses the API authentication using JWT tokens. It misuses the JwtFilter, which checks the path of the URL endpoint against a list of excluded endpoints that do not require authentication. Chaining this vulnerability with CVE-2024-28254 allows for arbitrary SpEL injection at the endpoint.

LG Simple Editor Command Injection (CVE-2023-40504)
Authors: Michael Heinzl and rgod
Type: Exploit
Pull request: #19370 contributed by h4x-x0r
Path:…
