automatic module_metadata_base.json update

sjanusz-r7 · Aug 7, 2024 · 6fcd06b · 6fcd06b
1 parent baca872
commit 6fcd06b
Showing 1 changed file with 61 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -115724,6 +115724,67 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_multi/misc/calibre_exec": {
+    "name": "Calibre Python Code Injection (CVE-2024-6782)",
+    "fullname": "exploit/multi/misc/calibre_exec",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-07-31",
+    "type": "exploit",
+    "author": [
+      "Amos Ng",
+      "Michael Heinzl"
+    ],
+    "description": "This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.15.0. Once enabled (disabled by default), it will listen in its default configuration on all network interfaces on TCP port 8080 for incoming traffic, and does not require any authentication. The injected payload will get executed in the same context under which Calibre is being executed.",
+    "references": [
+      "URL-https://starlabs.sg/advisories/24/24-6782",
+      "CVE-2024-6782"
+    ],
+    "platform": "Linux,Unix,Windows",
+    "arch": "cmd",
+    "rport": 8080,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Windows_Fetch",
+      "Linux Command"
+    ],
+    "mod_time": "2024-08-03 05:13:33 +0000",
+    "path": "/modules/exploits/multi/misc/calibre_exec.rb",
+    "is_install_path": true,
+    "ref_name": "multi/misc/calibre_exec",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_multi/misc/claymore_dual_miner_remote_manager_rce": {
     "name": "Nanopool Claymore Dual Miner APIs RCE",
     "fullname": "exploit/multi/misc/claymore_dual_miner_remote_manager_rce",