Metasploit-framework: RV320 info disclosure -> remote root exploit

Created on 19 Feb 2019  路  3Comments  路  Source: rapid7/metasploit-framework

Since https://github.com/rapid7/metasploit-framework/pull/11366 is now in main, it might be interesting to implement the "Full Chain" of bugs from the advisories to gain remote root command execution, as per this exploit.

informative module suggestion
Source
picture 0x27
👍1

Most helpful comment

Hey @0x27 @asoto-r7 , I have a working exploit module right here:
https://github.com/blightzero/metasploit-framework/blob/master/modules/exploits/linux/http/cisco_rv32x_rce.rb
I haven't yet come around to put in a pull request. It may need some finishing touches but it is in a working state where you can gain unauthenticated remote root.

picture blightzero on 22 Feb 2019
3

All 3 comments

Hey @0x27, great minds think alike! I've got an auxiliary module here, ready to be turned into an exploit module. Got some time to help us out?

https://raw.githubusercontent.com/asoto-r7/metasploit-framework/7ecc89928b3d8b0bb5af00115701a4e0203666c7/modules/auxiliary/admin/cisco/cisco_rv320_exec.rb

asoto-r7 picture asoto-r7 on 19 Feb 2019

Hey @0x27 @asoto-r7 , I have a working exploit module right here:
https://github.com/blightzero/metasploit-framework/blob/master/modules/exploits/linux/http/cisco_rv32x_rce.rb
I haven't yet come around to put in a pull request. It may need some finishing touches but it is in a working state where you can gain unauthenticated remote root.

blightzero picture blightzero on 22 Feb 2019
3

Added in #11482

bcoles picture bcoles on 17 May 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mdisec picture mdisec  路  3Comments
bugshere picture bugshere  路  3Comments
notdodo picture notdodo  路  3Comments
Funeoz picture Funeoz  路  3Comments
bcoles picture bcoles  路  3Comments