New module content (3)

Centreon authenticated command injection leading to RCE via broker engine “reload” parameter

Type: Exploit

Path: linux/http/centreon_auth_rce_cve_2025_5946

Description: Adds an exploit module for Centreon. The vulnerability, an authenticated command injection, will lead to a remote code execution.

Rootkit Privilege Escalation Signal Hunter

Type: Exploit

Path: linux/local/rootkit_privesc_signal_hunter

Description: Expands diamorphine privilege escalation module to other rootkits that use signal handling for privilege escalation.

Windows Persistent Task Scheduler

Author: h00die

Type: Exploit

Path: windows/persistence/task_scheduler

Description: This adds a new persistence module for Windows - the task scheduler module. The module will create scheduled tasks depending on the ScheduleType option.

Enhancements and features (2)

• #20523 from h00die - This updates the upstart persistence to use the new persistence mixin.
• #20643 from bcoles - Expands diamorphine privilege escalation module to other rootkits, which use signal handling for privilege escalation.

Bugs fixed (1)

• #20673 from adfoster-r7 - Temporarily pins date dependency to 3.4.1 due to possible issues associated with 3.5.0 to allow for further testing.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

• Pull Requests 6.4.96...6.4.97
• Full diff 6.4.96...6.4.97