Metasploit Unveils Exploit Modules for Linux RC4 and BeyondTrust Vulnerabilities
Metasploit Unveils Exploit Modules for Linux RC4 and BeyondTrust Vulnerabilities
Publish Date: 2026-02-28 02:56:00
Source Domain: cyberpress.org
Rapid7 has released a significant update to the Metasploit Framework, delivering powerful new exploit modules and critical vulnerability support.
The February 2026 release equips security teams with advanced tools to test unauthenticated remote code execution (RCE) flaws, sophisticated evasion methods, and new persistence techniques.
Critical Exploit Modules Added
Ollama Path Traversal RCE
The standout addition is a new exploit module for Ollama AI infrastructure, tracked as CVE-2024-37032.
The vulnerability exists in Ollama’s model pull mechanism, which improperly accepts arbitrary path traversal sequences.
Attackers can exploit this by loading a rogue OCI registry to write malicious shared object files directly to the host system.
This action forces the Ollama service to spawn a new process, ultimately resulting in an unauthenticated root RCE.
BeyondTrust Command Injection
The BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) exploit modules received major technical upgrades.
Security researchers can now actively test for a severe unauthenticated command injection vulnerability identified as CVE-2026-1731.
Alongside this specific exploit, the update introduces a unified library containing BeyondTrust helper functions, which significantly improves the reliability of legacy support for older vulnerabilities.
Grandstream VoIP Exploitation
The testing framework now aggressively targets Grandstream GXP1600 series voice-over-IP devices. By exploiting a known stack overflow vulnerability (CVE-2026-2329), penetration testers can successfully secure a privileged root session.
Furthermore, Rapid7 added two specialized post-exploitation modules for these hardware devices, enabling extensive credential harvesting and deep SIP traffic packet capture for further analysis.
To help red teams bypass modern endpoint security controls, Metasploit introduced its first dedicated Linux evasion module…
