automatic module_metadata_base.json update

rapid7 · May 10, 2024 · 102f8d5 · 102f8d5
1 parent 80fdde5
commit 102f8d5
Showing 1 changed file with 59 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -87024,6 +87024,65 @@
 
     ]
   },
+  "exploit_linux/local/progress_kemp_loadmaster_sudo_privesc_2024": {
+    "name": "Kemp LoadMaster Local sudo privilege escalation",
+    "fullname": "exploit/linux/local/progress_kemp_loadmaster_sudo_privesc_2024",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-03-19",
+    "type": "exploit",
+    "author": [
+      "Dave Yesland with Rhino Security Labs",
+      "bwatters-r7"
+    ],
+    "description": "This module abuses a feature of the sudo command on Progress Kemp\n          LoadMaster.  Certain binary files are allowed to automatically elevate\n          with the sudo command.  This is based off of the file name.  Some files\n          have this permission are not write-protected from the default 'bal' user.\n          As such, if the file is overwritten with an arbitrary file, it will still\n          auto-elevate.  This module overwrites the /bin/loadkeys file with another\n          executable.",
+    "references": [
+      "URL-https://rhinosecuritylabs.com/research/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster/",
+      "URL-https://kemptechnologies.com/kemp-load-balancers"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Dropper",
+      "Command"
+    ],
+    "mod_time": "2024-05-10 08:54:23 +0000",
+    "path": "/modules/exploits/linux/local/progress_kemp_loadmaster_sudo_privesc_2024.rb",
+    "is_install_path": true,
+    "ref_name": "linux/local/progress_kemp_loadmaster_sudo_privesc_2024",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": true,
+    "actions": [
+
+    ]
+  },
   "exploit_linux/local/ptrace_sudo_token_priv_esc": {
     "name": "ptrace Sudo Token Privilege Escalation",
     "fullname": "exploit/linux/local/ptrace_sudo_token_priv_esc",