3 min
Metasploit
Metasploit Weekly Wrap-Up 04/11/2025
Spring Exploits
This weekly release of Metasploit Framework includes new RCE exploit modules for
several vulnerable applications: Appsmith, a low-code application platform which
contains a misconfiguration on PostgreSQL (CVE-2024-55964); Pandora FMS, a
monitoring solution, where, once gained access to the administrator panel is
possible to inject commands (CVE-2024-12971); Oracle Access Manager, a SSO
application containing an unauthenticated deserialization vulnerability
(CVE-2021-35587); and p
2 min
Metasploit
Metasploit Weekly Wrap-Up 02/21/2025
BeyondTrust exploit + fetch payload updates
This Metasploit release includes an exploit module that chains two
vulnerabilities, one exploited in the wild by APT groups and another one, a
0-day discovered by Rapid7
[https://attackerkb.com/topics/vC7mUlftWA/cve-2025-1094?referrer=search] during
the vulnerability analysis. This week's release also includes a significant
enhancement to Metasploit's fetch payloads, which now support PPC, MIPS and ARM
architectures. This allows the payloads to be use