automatic module_metadata_base.json update

jenkins-metasploit · jenkins-metasploit · commit 66c16b0887f7 · 2025-08-28T07:59:52.000Z
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -128199,6 +128199,63 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_osx/misc/remote_for_mac_udp_rce": {
+    "name": "Remote for Mac 2025.6 Unauthenticated UDP Keyboard RCE",
+    "fullname": "exploit/osx/misc/remote_for_mac_udp_rce",
+    "aliases": [],
+    "rank": 600,
+    "disclosure_date": "2025-05-27",
+    "type": "exploit",
+    "author": [
+      "Chokri Hammedi"
+    ],
+    "description": "This module exploits an unauthenticated remote code execution vulnerability in Remote for Mac 2025.6.\n          When the \"Allow unknown devices\" setting is enabled, it is possible to simulate keyboard input via UDP packets\n          without authentication. By sending a sequence of key presses, an attacker can open the Terminal and execute\n          arbitrary shell commands, achieving code execution as the current user.",
+    "references": [
+      "PACKETSTORM-196351"
+    ],
+    "platform": "Unix",
+    "arch": "cmd",
+    "rport": null,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Unix Shell"
+    ],
+    "mod_time": "2025-08-28 09:11:01 +0000",
+    "path": "/modules/exploits/osx/misc/remote_for_mac_udp_rce.rb",
+    "is_install_path": true,
+    "ref_name": "osx/misc/remote_for_mac_udp_rce",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "screen-effects"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_osx/misc/ufo_ai": {
     "name": "UFO: Alien Invasion IRC Client Buffer Overflow",
     "fullname": "exploit/osx/misc/ufo_ai",
