This update adds support for domain users, improved user group validation, agent stability, and improved module output messages.

This exploit uses a technique called LNK stomping that allows specially crafted LNK files with non-standard target paths or internal structures to cause the file to be opened while bypassing Smart App Control and the Mark of the Web security warnings.

Veeam Backup and Replication deserialization of System.Runtime.Remoting.ObjRef .NET class type allows unauthenticated remote attackers to execute system commands in the context of the NT AUTHORITY\SYSTEM user.

This exploit leverages an information disclosure vulnerability in Microsoft Outlook. By using an image tag, unauthorized access can be obtained, allowing for the theft of NTLM hashes.

A directory traversal Vulnerability in the WhatsUp.ExportUtilities.Export.GetFileWithoutZip method of Progress WhatsUp Gold allows unauthenticated remote attackers to write arbitrary files in the system leading to execute system commands in the context of the IIS APPPOOL\NmConsole user.

This module exploits an issue in GitLab CE/EE that allows sending reset emails to an unverified email address. In order to takeover the account, the module will exploit the vulnerability adding the attacker's email to the JSON from /users/password endpoint, then it will connect via IMAP to the attacker's email, parse the reset email and change the password. All versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 are affected.

This module chains together three vulnerabilities to deploy a Core Impact agent with root privileges. First vulnerability CVE-2023-46805 is used to obtain the exact version of Ivanti Connect Secure installed on the system. Next, the module exploits a second vulnerability CVE-2024-21893 that allows the attacker to access certain restricted resources without authentication, leveraging a flaw in the SAML component. Finally, the module uses a third vulnerability CVE-2024-21887 that enables remote code execution with elevated privileges in the management component, facilitating the injection and execution of the Core Impact agent with root privileges. Also this update fixes a duplicated CVE in the Module Output

A server-side request forgery (SSRF) vulnerability has been identified in the SAML component of Ivanti Connect Secure (versions 9.x and 22.x), Ivanti Policy Secure (versions 9.x and 22.x), and Ivanti Neurons for ZTA. This vulnerability, designated CVE-2024-21893, allows an attacker to access restricted resources without authentication.

An XML External Entity Reference and a heap buffer overflow in the iconv() function of the GNU C Library allows unauthenticated remote attackers to execute system commands in Magento eCommerce Web Sites. This update adds module documentation and fixes some errors.

An XML External Entity Reference and a heap buffer overflow in the iconv() function of the GNU C Library allows unauthenticated remote attackers to execute system commands in Magento eCommerce Web Sites.