vBulletin strikes again
This week saw another vBulletin exploit released by returning community member Zenofex. This exploit module allows an unauthenticated attacker to run arbitrary PHP code or operating system commands on affected versions of the vBulletin web application. The vulnerability, which was also discovered by Zenofex, is identified as CVE-2020-7373 and is effectively a bypass for a previously patched vulnerability identified as CVE-2019-16759. Administrators running vBulletin should patch this one immediately.
Multiple DNS improvements
Community member digininja reported and submitted fixes (with the help of bcoles) for multiple DNS related bugs affecting the DNS Enumeration and Dyn DNS Update modules. Additionally, digininja submitted a patch to allow the Dyn DNS Update module to target servers running on non-standard ports. These features will go a long way in improving the experience of framework users that are testing DNS services.
Long time community member h00die continues his trend of targeting network devices this week by submitting configuration processing support for devices running Mikrotik’s RouterOS.The new modules can be used to gather information from a live device, or import a configuration previously exported from a live device. These device configurations can contain valuable information for SNMP and VPN services as well as Wireless authentication secrets.
New modules (4)
- vBulletin 5.x PHP remote code execution by Zenofex, which exploits CVE-2020-7373
- Mikrotik Configuration Importer by h00die
- Jupyter Login Utility by Spencer McIntyre
- Mikrotik Gather Device General Information by h00die
Enhancements and features
- Non-Standard Port for Dyn DNS Update by digininja
- DNS Enumeration Bug Fixes by digininja
- Skip CNAME records in DNS SRV Parsing by bcoles
- Dyn DNS Update Fix by digininja
- Database-less Networking Scripts Fixes by h00die
- Fix Scanner Stall For Modules by HynekPetrak
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a
git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
binary installers (which also include the commercial edition).