{"id":218356,"date":"2026-02-28T02:56:00","date_gmt":"2026-02-28T07:56:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/28\/metasploit-unveils-exploit-modules-for-linux-rc4-and-beyondtrust-vulnerabilities\/"},"modified":"2026-02-28T05:50:10","modified_gmt":"2026-02-28T10:50:10","slug":"metasploit-unveils-exploit-modules-for-linux-rc4-and-beyondtrust-vulnerabilities","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/28\/metasploit-unveils-exploit-modules-for-linux-rc4-and-beyondtrust-vulnerabilities\/","title":{"rendered":"Metasploit Unveils Exploit Modules for Linux RC4 and BeyondTrust Vulnerabilities"},"content":{"rendered":"

Metasploit Unveils Exploit Modules for Linux RC4 and BeyondTrust Vulnerabilities<\/a><\/p>\n

https:\/\/cyberpress.org\/metasploit-unveils-exploit-modules-for-linux-rc4-and-beyondtrust-vulnerabilities\/<\/a><\/p>\n

Publish Date: 2026-02-28 02:56:00<\/a><\/p>\n

Source Domain: cyberpress.org<\/a><\/p>\n

Rapid7 has released a significant update to the Metasploit Framework, delivering powerful new exploit modules and critical vulnerability support. <\/p>\n

The February 2026 release equips security teams with advanced tools to test unauthenticated remote code execution (RCE) flaws, sophisticated evasion methods, and new persistence techniques.<\/p>\n

Critical Exploit Modules Added<\/strong><\/h2>\n

Ollama Path Traversal RCE<\/strong> <\/p>\n

The standout addition is a new exploit module for Ollama AI infrastructure, tracked as CVE-2024-37032. <\/p>\n

The vulnerability exists in Ollama\u2019s model pull mechanism, which improperly accepts arbitrary path traversal sequences. <\/p>\n

Attackers can exploit this by loading a rogue OCI registry to write malicious shared object files directly to the host system. <\/p>\n

This action forces the Ollama service to spawn a new process, ultimately resulting in an unauthenticated root RCE.\u200b<\/p>\n

BeyondTrust Command Injection<\/strong><\/p>\n

The BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) exploit modules received major technical upgrades. <\/p>\n

Security researchers can now actively test for a severe unauthenticated command injection vulnerability identified as CVE-2026-1731. <\/p>\n

Alongside this specific exploit, the update introduces a unified library containing BeyondTrust helper functions, which significantly improves the reliability of legacy support for older vulnerabilities.<\/p>\n

Grandstream VoIP Exploitation<\/strong><\/p>\n

The testing framework now aggressively targets Grandstream GXP1600 series voice-over-IP devices. By exploiting a known stack overflow vulnerability (CVE-2026-2329), penetration testers can successfully secure a privileged root session. <\/p>\n

Furthermore, Rapid7 added two specialized post-exploitation modules for these hardware devices, enabling extensive credential harvesting and deep SIP traffic packet capture for further analysis.<\/p>\n

To help red teams bypass modern endpoint security controls, Metasploit introduced its first dedicated Linux evasion module…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Metasploit Unveils Exploit Modules for Linux RC4 and BeyondTrust Vulnerabilities https:\/\/cyberpress.org\/metasploit-unveils-exploit-modules-for-linux-rc4-and-beyondtrust-vulnerabilities\/ Publish Date: 2026-02-28 02:56:00…<\/p>\n","protected":false},"author":1,"featured_media":218357,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgB5NKoj5BGHS4kbQf1dLTxbwMvA5-qvgzb-SnlVUmTT2gVc87df9G-NivPNqPvDZ3l4eIgNGY9D4aZvhZUm4nz6a4o9PM0N-2SyHNQ-npXC_MgAMOWChDNNw0KXctPPY1tpuvz1mgKKApQI6b2g9AvDFW3r71vojr3MCcZ-4G-uubQvB-4uDZPyJRv2Rlr\/s1600\/Metasploit%20Unveils%20Exploit%20Modules%20for%20Linux%20RC4%20and%20BeyondTrust%20Vulnerabilities%20%281%29%20%281%29.webp","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,31,71,57,27],"class_list":["post-218356","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-exploit","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218356"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=218356"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218356\/revisions"}],"predecessor-version":[{"id":218358,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218356\/revisions\/218358"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/218357"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=218356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=218356"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=218356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}