Skip to content

Commit 5d61c52

Browse files
author
jenkins-metasploit
committed
automatic module_metadata_base.json update
1 parent f20e72b commit 5d61c52

File tree

1 file changed

+56
-0
lines changed

1 file changed

+56
-0
lines changed

db/modules_metadata_base.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -117154,6 +117154,62 @@
117154117154
"session_types": false,
117155117155
"needs_cleanup": null
117156117156
},
117157+
"exploit_osx/http/remote_for_mac_rce": {
117158+
"name": "Remote for Mac Unauthenticated RCE",
117159+
"fullname": "exploit/osx/http/remote_for_mac_rce",
117160+
"aliases": [],
117161+
"rank": 300,
117162+
"disclosure_date": "2025-05-27",
117163+
"type": "exploit",
117164+
"author": [
117165+
"Chokri Hammedi ( <Chokri Hammedi (@blue0x1)>"
117166+
],
117167+
"description": "This module exploits an unauthenticated remote code execution vulnerability in\n Remote for Mac versions up to and including 2025.7 via the /api/executeScript endpoint.\n When authentication is disabled on the target system, it allows attackers to execute\n arbitrary AppleScript commands, which can include shell commands via `do shell script`.\n All versions up to 2025.7 (including patch versions) are vulnerable.",
117168+
"references": [
117169+
"PACKETSTORM-195347"
117170+
],
117171+
"platform": "OSX,Unix",
117172+
"arch": "cmd",
117173+
"rport": 80,
117174+
"autofilter_ports": [
117175+
80,
117176+
8080,
117177+
443,
117178+
8000,
117179+
8888,
117180+
8880,
117181+
8008,
117182+
3000,
117183+
8443
117184+
],
117185+
"autofilter_services": [
117186+
"http",
117187+
"https"
117188+
],
117189+
"targets": [
117190+
"Auto"
117191+
],
117192+
"mod_time": "2025-06-08 15:36:37 +0000",
117193+
"path": "/modules/exploits/osx/http/remote_for_mac_rce.rb",
117194+
"is_install_path": true,
117195+
"ref_name": "osx/http/remote_for_mac_rce",
117196+
"check": true,
117197+
"post_auth": false,
117198+
"default_credential": false,
117199+
"notes": {
117200+
"Stability": [
117201+
"crash-safe"
117202+
],
117203+
"Reliability": [
117204+
"repeatable-session"
117205+
],
117206+
"SideEffects": [
117207+
"ioc-in-logs"
117208+
]
117209+
},
117210+
"session_types": false,
117211+
"needs_cleanup": null
117212+
},
117157117213
"exploit_osx/local/acronis_trueimage_xpc_privesc": {
117158117214
"name": "Acronis TrueImage XPC Privilege Escalation",
117159117215
"fullname": "exploit/osx/local/acronis_trueimage_xpc_privesc",

0 commit comments

Comments
 (0)