
























We are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they function/are presented to users. We are currently accepting responses to our feedback form, which means that you can shape the future of how evasive capabilities are implemented in Metasploit Framework. The proposal for the changes can be found here, and you can submit your responses to the form here. The form will stop accepting responses on the 1st of July, 2026.
New module content and improvements have also been added this week. This includes a Next.js Middleware Authorization Bypass scanner, LiteLLM Proxy SQL Injection, an unauthenticated API authentication bypass scanner for Audiobookshelf, a deserialization RCE in Dalfox, and improvements to service and host reporting in bruteforce-related modules.
Authors: Kenneth LaCroix and swiftbird07
Type: Auxiliary
Pull request: #21565 contributed by kenlacroix
Path: scanner/http/audiobookshelf_auth_bypass
AttackerKB reference: CVE-2025-25205
Description: Adds audiobookshelf_auth_bypass, a detection module for CVE-2025-25205 — an unauthenticated API authentication bypass in Audiobookshelf (self-hosted audiobook/podcast server), affecting versions 2.17.0 – 2.19.0 (fixed in 2.19.1).
Authors: Kenneth LaCroix and Tencent YunDing Security Lab
Type: Auxiliary
Pull request: #21567 contributed by kenlacroix
Path: scanner/http/litellm_proxy_sqli
AttackerKB reference: CVE-2026-42208
Description: Adds auxiliary/scanner/http/litellm_proxy_sqli, a detection module for CVE-2026-42208 (CVSS 9.3, on the CISA KEV list) — a pre-authentication SQL injection in BerriAI LiteLLM proxy.
Authors: Kenneth LaCroix, Rachid Allam, and Yasser Allam
Type: Auxiliary
Pull request: #21566 contributed by kenlacroix
Path: scanner/http/nextjs_middleware_auth_bypass
AttackerKB reference: CVE-2025-29927
Description: Adds nextjs_middleware_auth_bypass, a detection module for CVE-2025-29927 (CVSS 9.1) — an authorization bypass in self-hosted Next.js applications.
Authors: Emmanuel David and Takahiro Yokoyama
Type: Exploit
Pull request: #21493 contributed by Takahiro-Yoko
Path: linux/http/dalfox_server_rce_cve_2026_45087
AttackerKB reference: CVE-2026-45087
Description: This adds an exploit module for Dalfox Server versions <= 2.12.0 which are vulnerable to an unauthenticated RCE tracked as CVE-2026-45087. The vulnerability allows attackers to send arbitrary commands via found-action post parameter which gets deserialized and run in the context of the user running the server.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。