all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Metasploit Wrap-Up 03/15/2024

Add to bookmarks
March 15, 2024, 6:20 p.m. | Zachary Goldman

Rapid7 Blog blog.rapid7.com

New module content (3)


GitLab Password Reset Account Takeover


Authors: asterion04 and h00die

Type: Auxiliary

Pull request: #18716 contributed by h00die

Path: admin/http/gitlab_password_reset_account_takeover

AttackerKB reference: CVE-2023-7028


Description: This adds an exploit module that leverages an account-take-over vulnerability to take control of a GitLab account

account account takeover admin authors contributed control cve exploit gitlab http metasploit metasploit weekly wrapup password password reset path reference request reset takeover vulnerability wrap-up

Visit resource

More from blog.rapid7.com / Rapid7 Blog

Metasploit Weekly Wrap-Up 04/26/24 15 hours ago | blog.rapid7.com
addition application clusters community +20
USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award 3 days, 17 hours ago | blog.rapid7.com
april award awards beyond +11
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise 3 days, 20 hours ago | blog.rapid7.com
access account account access administrator +26
Take Command Summit: Take Breaches from Inevitable to Preventable on May 21 4 days, 22 hours ago | blog.rapid7.com
attack aws breaches command +14
Metasploit Weekly Wrap-Up 04/19/24 1 week ago | blog.rapid7.com
crushftp emergent threat response exploit framework +11
Enforce and Report on PCI DSS v4 Compliance with Rapid7 1 week, 2 days ago | blog.rapid7.com
adoption compliance council data +21
Rapid7 Insight Platform Achieves Level 2 TX-Ramp Authorization 1 week, 3 days ago | blog.rapid7.com
authorization authorization management cloud cloud security +17
Start with threat modelling and let gamers game 2 weeks ago | blog.rapid7.com
availability cloud demand game +20
Metasploit Weekly Wrap-Up 04/12/24 2 weeks ago | blog.rapid7.com
account account takeover active directory authentication +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs