automatic module_metadata_base.json update

rapid7 · Jan 8, 2025 · eb71ce1 · eb71ce1
1 parent fea1713
commit eb71ce1
Showing 1 changed file with 63 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -82926,6 +82926,69 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_linux/http/selenium_greed_firefox_rce_cve_2022_28108": {
+    "name": "Selenium geckodriver RCE",
+    "fullname": "exploit/linux/http/selenium_greed_firefox_rce_cve_2022_28108",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2022-04-18",
+    "type": "exploit",
+    "author": [
+      "Jon Stratton",
+      "Takahiro Yokoyama"
+    ],
+    "description": "Selenium Server (Grid) <= 4.27.0 (latest version at the time of this writing)\n          allows CSRF because it permits non-JSON content types\n          such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.",
+    "references": [
+      "CVE-2022-28108",
+      "URL-https://www.gabriel.urdhr.fr/2022/02/07/selenium-standalone-server-csrf-dns-rebinding-rce/",
+      "URL-https://github.com/JonStratton/selenium-node-takeover-kit/tree/master",
+      "EDB-49915"
+    ],
+    "platform": "Linux",
+    "arch": "",
+    "rport": 4444,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Linux Command"
+    ],
+    "mod_time": "2025-01-08 13:04:08 +0000",
+    "path": "/modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/selenium_greed_firefox_rce_cve_2022_28108",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "SideEffects": [
+        "artifacts-on-disk",
+        "ioc-in-logs"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_linux/http/smt_ipmi_close_window_bof": {
     "name": "Supermicro Onboard IPMI close_window.cgi Buffer Overflow",
     "fullname": "exploit/linux/http/smt_ipmi_close_window_bof",