This module exploits a remote code execution vulnerability (CVE-2022-33891) of Apache Spark. The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.

This exploit is a proof-of-work exploit of the RFI vulnerabilities CVE-2024-25096 and CVE-2023-3452, which allow the attacker to establish an interactive remote shell session on the target.

A Metasploit exploit module has been released for the zero-day vulnerability in Internet Explorer. The flaw has been exploited in attacks against Japanese targets, and expert think the availability of ...