automatic module_metadata_base.json update

msjenkins-r7 · msjenkins-r7 · commit 2452fd57bb1c · 2024-08-23T04:26:17.000-05:00
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -25763,6 +25763,69 @@
 
     ]
   },
+  "auxiliary_gather/ray_lfi_cve_2023_6020": {
+    "name": "Ray static arbitrary file read",
+    "fullname": "auxiliary/gather/ray_lfi_cve_2023_6020",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2023-11-15",
+    "type": "auxiliary",
+    "author": [
+      "byt3bl33d3r <marcello@protectai.com>",
+      "danmcinerney <dan@protectai.com>",
+      "Takahiro Yokoyama"
+    ],
+    "description": "Ray before 2.8.1 is vulnerable to a local file inclusion.",
+    "references": [
+      "CVE-2023-6020",
+      "URL-https://huntr.com/bounties/83dd8619-6dc3-4c98-8f1b-e620fedcd1f6/",
+      "URL-https://github.com/protectai/ai-exploits/tree/main/ray"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 8265,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2024-08-20 08:15:16 +0000",
+    "path": "/modules/auxiliary/gather/ray_lfi_cve_2023_6020.rb",
+    "is_install_path": true,
+    "ref_name": "gather/ray_lfi_cve_2023_6020",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ],
+      "Reliability": [
+
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false,
+    "actions": [
+
+    ]
+  },
   "auxiliary_gather/redis_extractor": {
     "name": "Redis Extractor",
     "fullname": "auxiliary/gather/redis_extractor",
@@ -79984,6 +80047,137 @@
     "session_types": false,
     "needs_cleanup": true
   },
+  "exploit_linux/http/ray_agent_job_rce": {
+    "name": "Ray Agent Job RCE",
+    "fullname": "exploit/linux/http/ray_agent_job_rce",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2023-11-15",
+    "type": "exploit",
+    "author": [
+      "sierrabearchell",
+      "byt3bl33d3r <marcello@protectai.com>",
+      "Takahiro Yokoyama"
+    ],
+    "description": "RCE in Ray via the agent job submission endpoint.\n          This is intended functionality as Ray's main purpose is executing arbitrary workloads.\n          By default Ray has no authentication.",
+    "references": [
+      "CVE-2023-48022",
+      "URL-https://huntr.com/bounties/b507a6a0-c61a-4508-9101-fceb572b0385/",
+      "URL-https://huntr.com/bounties/787a07c0-5535-469f-8c53-3efa4e5717c7/"
+    ],
+    "platform": "Linux",
+    "arch": "",
+    "rport": 8265,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Linux x64",
+      "Linux x86",
+      "Linux aarch64",
+      "Linux Command"
+    ],
+    "mod_time": "2024-08-21 21:38:37 +0000",
+    "path": "/modules/exploits/linux/http/ray_agent_job_rce.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/ray_agent_job_rce",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "artifacts-on-disk",
+        "ioc-in-logs"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
+  "exploit_linux/http/ray_cpu_profile_cmd_injection_cve_2023_6019": {
+    "name": "Ray cpu_profile command injection",
+    "fullname": "exploit/linux/http/ray_cpu_profile_cmd_injection_cve_2023_6019",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2023-11-15",
+    "type": "exploit",
+    "author": [
+      "sierrabearchell",
+      "byt3bl33d3r <marcello@protectai.com>",
+      "Takahiro Yokoyama"
+    ],
+    "description": "Ray RCE via cpu_profile command injection vulnerability.",
+    "references": [
+      "CVE-2023-6019",
+      "URL-https://huntr.com/bounties/d0290f3c-b302-4161-89f2-c13bb28b4cfe/"
+    ],
+    "platform": "Linux",
+    "arch": "",
+    "rport": 8265,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Linux x64",
+      "Linux x86",
+      "Linux aarch64",
+      "Linux Command"
+    ],
+    "mod_time": "2024-08-21 22:32:53 +0000",
+    "path": "/modules/exploits/linux/http/ray_cpu_profile_cmd_injection_cve_2023_6019.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/ray_cpu_profile_cmd_injection_cve_2023_6019",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "artifacts-on-disk",
+        "ioc-in-logs"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_linux/http/rconfig_ajaxarchivefiles_rce": {
     "name": "Rconfig 3.x Chained Remote Code Execution",
     "fullname": "exploit/linux/http/rconfig_ajaxarchivefiles_rce",
