Check Method Visibility Metasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability but instead to determine if the target is vulnerable. Metasploit tries to be very conservative with classifying a target as “vulnerable” unless the vulnerability is leveraged as part of the check method, reserving the “appears” status for version checks. The different check codes a module is capable of returning and the logic to select amon
Full text archived locally
✦ AI Summary· Claude Sonnet
Check Method VisibilityMetasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability but instead to determine if the target is vulnerable. Metasploit tries to be very conservative with classifying a target as “vulnerable” unless the vulnerability is leveraged as part of the check method, reserving the “appears” status for version checks. The different check codes a module is capable of returning and the logic to select among them varies from exploit to exploit and is not always the easiest to understand. Aligning with the consistent feedback that Metasploit has received that module actions should be more transparent, adfoster-r7 has been adding reasoning information en masse to the check codes returned by a variety of exploits. This information will help users understand why a particular vulnerability status was determined, making troubleshooting efforts easier and increasing confidence in the results.Legacy SMB ImprovementsThis week, community member g0tm1lk made multiple improvements for legacy and non-Windows SMB targets. Version information is now more reliably extracted from targets running SMB 1, and a variety of minor bugs were fixed across multiple modules that would have affected users targeting systems the module was not intended to target as is often the case when the module is used to scan an entire network.New module content (4)Camaleon CMS Directory Traversal CVE-2024-46987Authors: Goultarde, Peter Stockli, and bootstrapboolType: AuxiliaryPull request: #21122 contributed by bootstrapboolPath: gather/camaleon_download_private_fileAttackerKB reference: CVE-2024-46987Description: This adds an auxiliary module to exploit an arbitrary file vulnerability, CVE-2024-46987, on Camaleon CMS >= 2.8.0 as well as 2.9.0.Langflow RCEAuthors: Takahiro Yokoyama and weblover12Type: ExploitPull request: #21260 contributed by Takahiro-YokoPath: multi/http/langflow_rce_cve_2026_27966AttackerKB reference: CVE-2026-27966Description: Adds exploit module for CVE-2026-27966, a prompt injection RCE vulnerability in Langflow < 1.8.0. By creating and sending a specially-crafted flow containing python code, the LangChain will execute that code because LangChain's Read-Eval-Print Loop (REPL) is exposed by default and runs any Python code it is given.WebDAV PHP UploadAuthors: g0tmi1k and theLightCosine theLightCosine@metasploit.comType: ExploitPull request: #21256 contributed by g0tmi1kPath: multi/http/webdav_upload_phpAttackerKB reference: CVE-2012-10062Description: Updates code and adds features: Linux support, check() method, and cleanup after exploit.Linux ChmodAuthor: bcoles bcoles@gmail.comType: Payload (Single)Pull request: #21238 contributed by bcolesPath: linux/loongarch64/chmodDescription: Adds a new linux/loongarch64/chmod payload to change the permissions of a specified file.Enhancements and features (11)#21019 from g0tmi1k - This adds support for phpMyAdmin v3.1.x to the phpMyAdmin Config File Code Injection module (CVE-2009-1285). This also adds a check method.#21230 from bcoles - Reduces the memory footprint of the module metadata cache in Metasploit.#21231 from bcoles - Improves the performance of the module metadata cache as well as bug fixes.#21232 from bcoles - Add a method to discover writable directories on Unix targets using the find command.#21256 from g0tmi1k - Updates code and adds features: Linux support, check() method, and cleanup after exploit.#21347Bugs fixed (4)#21327 from tair-m - Fixes a crash when loading HTTP modules.#21341 from g0tmi1k - This fixes multiple issues related to various SMB modules when targeting Samba.#21344 from adfoster-r7 - Fixes a bug when running the check method for scanner/http/elasticsearch_traversal against non-vulnerable targets.#21346 from adfoster-r7 - Fixes a false positive that was present in auxiliary/scanner/couchdb/couchdb_enum.DocumentationYou can find the latest Metasploit documentation on our docsite at docs.metasploit.com.Get itAs always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:Pull Requests 6.4.128...6.4.129Full diff 6.4.128...6.4.129If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit ProArticle TagsMetasploitMetasploit Weekly WrapupSpencer McIntyreAuthor PostsRelated blog postsProducts and ToolsMetasploit Wrap-Up 04/17/2026Jack HeyselProducts and ToolsMetasploit Wrap-Up 04/10/2026Simon JanuszProducts and ToolsMetasploit Wrap-Up 04/03/2026Simon JanuszProducts and ToolsMetasploit Wrap-Up 03/27/2026Spencer McIntyreSee all posts