e-m-b-a · m-1-k-3 · Oct 9, 2022 · Oct 6, 2022
diff --git a/config/msf_cve-db.txt b/config/msf_cve-db.txt
@@ -245,6 +245,8 @@
 /usr/share/metasploit-framework/modules/auxiliary/gather/jetty_web_inf_disclosure.rb:CVE-2021-34429
 /usr/share/metasploit-framework/modules/auxiliary/gather/joomla_contenthistory_sqli.rb:CVE-2015-7297
 /usr/share/metasploit-framework/modules/auxiliary/gather/ldap_hashdump.rb:CVE-2020-3952
+/usr/share/metasploit-framework/modules/auxiliary/gather/manageengine_adaudit_plus_xnode_enum.rb:CVE-2020-11532
+/usr/share/metasploit-framework/modules/auxiliary/gather/manageengine_datasecurity_plus_xnode_enum.rb:CVE-2020-11532
 /usr/share/metasploit-framework/modules/auxiliary/gather/mantisbt_admin_sqli.rb:CVE-2014-2238
 /usr/share/metasploit-framework/modules/auxiliary/gather/mcafee_epo_xxe.rb:CVE-2015-0921
 /usr/share/metasploit-framework/modules/auxiliary/gather/mcafee_epo_xxe.rb:CVE-2015-0922
@@ -417,6 +419,9 @@
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb:CVE-2012-5687
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/trace.rb:CVE-2005-3398
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/tvt_nvms_traversal.rb:CVE-2019-20085
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/vicidial_multiple_sqli.rb:CVE-2022-34876
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/vicidial_multiple_sqli.rb:CVE-2022-34877
+/usr/share/metasploit-framework/modules/auxiliary/scanner/http/vicidial_multiple_sqli.rb:CVE-2022-34878
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wangkongbao_traversal.rb:CVE-2012-4031
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/webdav_internal_ip.rb:CVE-2002-0422
 /usr/share/metasploit-framework/modules/auxiliary/scanner/http/wildfly_traversal.rb:CVE-2014-7816
@@ -606,6 +611,7 @@
 /usr/share/metasploit-framework/modules/exploits/hpux/lpd/cleanup_exec.rb:CVE-2002-1473
 /usr/share/metasploit-framework/modules/exploits/irix/lpd/tagprinter_exec.rb:CVE-2001-0800
 /usr/share/metasploit-framework/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb:CVE-2008-5499
+/usr/share/metasploit-framework/modules/exploits/linux/fileformat/unrar_cve_2022_30333.rb:CVE-2022-30333
 /usr/share/metasploit-framework/modules/exploits/linux/ftp/proftp_sreplace.rb:CVE-2006-5815
 /usr/share/metasploit-framework/modules/exploits/linux/ftp/proftp_telnet_iac.rb:CVE-2010-4221
 /usr/share/metasploit-framework/modules/exploits/linux/games/ut2004_secure.rb:CVE-2004-0608
@@ -620,6 +626,7 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/apache_druid_js_rce.rb:CVE-2021-25646
 /usr/share/metasploit-framework/modules/exploits/linux/http/apache_ofbiz_deserialization.rb:CVE-2020-9496
 /usr/share/metasploit-framework/modules/exploits/linux/http/apache_ofbiz_deserialization_soap.rb:CVE-2021-26295
+/usr/share/metasploit-framework/modules/exploits/linux/http/apache_spark_rce_cve_2022_33891.rb:CVE-2022-33891
 /usr/share/metasploit-framework/modules/exploits/linux/http/artica_proxy_auth_bypass_service_cmds_peform_command_injection.rb:CVE-2020-17505
 /usr/share/metasploit-framework/modules/exploits/linux/http/artica_proxy_auth_bypass_service_cmds_peform_command_injection.rb:CVE-2020-17506
 /usr/share/metasploit-framework/modules/exploits/linux/http/asuswrt_lan_rce.rb:CVE-2018-5999
@@ -628,11 +635,13 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/axis_srv_parhand_rce.rb:CVE-2018-10661
 /usr/share/metasploit-framework/modules/exploits/linux/http/axis_srv_parhand_rce.rb:CVE-2018-10662
 /usr/share/metasploit-framework/modules/exploits/linux/http/belkin_login_bof.rb:CVE-2014-1635
+/usr/share/metasploit-framework/modules/exploits/linux/http/bitbucket_git_cmd_injection.rb:CVE-2022-36804
 /usr/share/metasploit-framework/modules/exploits/linux/http/bludit_upload_images_exec.rb:CVE-2019-16113
 /usr/share/metasploit-framework/modules/exploits/linux/http/cayin_cms_ntp.rb:CVE-2020-7357
 /usr/share/metasploit-framework/modules/exploits/linux/http/centreon_sqli_exec.rb:CVE-2014-3828
 /usr/share/metasploit-framework/modules/exploits/linux/http/centreon_sqli_exec.rb:CVE-2014-3829
 /usr/share/metasploit-framework/modules/exploits/linux/http/cfme_manageiq_evm_upload_exec.rb:CVE-2013-2068
+/usr/share/metasploit-framework/modules/exploits/linux/http/cisco_asax_sfr_rce.rb:CVE-2022-20828
 /usr/share/metasploit-framework/modules/exploits/linux/http/cisco_firepower_useradd.rb:CVE-2016-6433
 /usr/share/metasploit-framework/modules/exploits/linux/http/cisco_hyperflex_file_upload_rce.rb:CVE-2021-1499
 /usr/share/metasploit-framework/modules/exploits/linux/http/cisco_hyperflex_hx_data_platform_cmd_exec.rb:CVE-2021-1497
@@ -714,6 +723,7 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/microfocus_secure_messaging_gateway.rb:CVE-2018-12464
 /usr/share/metasploit-framework/modules/exploits/linux/http/microfocus_secure_messaging_gateway.rb:CVE-2018-12465
 /usr/share/metasploit-framework/modules/exploits/linux/http/mida_solutions_eframework_ajaxreq_rce.rb:CVE-2020-15920
+/usr/share/metasploit-framework/modules/exploits/linux/http/mobileiron_core_log4shell.rb:CVE-2021-44228
 /usr/share/metasploit-framework/modules/exploits/linux/http/mobileiron_mdm_hessian_rce.rb:CVE-2020-15505
 /usr/share/metasploit-framework/modules/exploits/linux/http/multi_ncc_ping_exec.rb:CVE-2015-1187
 /usr/share/metasploit-framework/modules/exploits/linux/http/mutiny_frontend_upload.rb:CVE-2013-0136
@@ -739,6 +749,7 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/nuuo_nvrmini_auth_rce.rb:CVE-2016-5675
 /usr/share/metasploit-framework/modules/exploits/linux/http/nuuo_nvrmini_unauth_rce.rb:CVE-2016-5674
 /usr/share/metasploit-framework/modules/exploits/linux/http/pandora_fms_events_exec.rb:CVE-2020-13851
+/usr/share/metasploit-framework/modules/exploits/linux/http/panos_op_cmd_exec.rb:CVE-2020-2038
 /usr/share/metasploit-framework/modules/exploits/linux/http/panos_readsessionvars.rb:CVE-2017-15944
 /usr/share/metasploit-framework/modules/exploits/linux/http/peercast_url.rb:CVE-2006-1148
 /usr/share/metasploit-framework/modules/exploits/linux/http/php_imap_open_rce.rb:CVE-2018-1000859
@@ -815,10 +826,14 @@
 /usr/share/metasploit-framework/modules/exploits/linux/http/wd_mycloud_multiupload_upload.rb:CVE-2017-17560
 /usr/share/metasploit-framework/modules/exploits/linux/http/webcalendar_settings_exec.rb:CVE-2012-1495
 /usr/share/metasploit-framework/modules/exploits/linux/http/webmin_backdoor.rb:CVE-2019-15107
+/usr/share/metasploit-framework/modules/exploits/linux/http/webmin_package_updates_rce.rb:CVE-2022-36446
 /usr/share/metasploit-framework/modules/exploits/linux/http/webmin_packageup_rce.rb:CVE-2019-12840
 /usr/share/metasploit-framework/modules/exploits/linux/http/wepresent_cmd_injection.rb:CVE-2019-3929
 /usr/share/metasploit-framework/modules/exploits/linux/http/xplico_exec.rb:CVE-2017-16666
 /usr/share/metasploit-framework/modules/exploits/linux/http/zabbix_sqli.rb:CVE-2013-5743
+/usr/share/metasploit-framework/modules/exploits/linux/http/zimbra_mboximport_cve_2022_27925.rb:CVE-2022-27925
+/usr/share/metasploit-framework/modules/exploits/linux/http/zimbra_mboximport_cve_2022_27925.rb:CVE-2022-37042
+/usr/share/metasploit-framework/modules/exploits/linux/http/zimbra_unrar_cve_2022_30333.rb:CVE-2022-30333
 /usr/share/metasploit-framework/modules/exploits/linux/http/zimbra_xxe_rce.rb:CVE-2019-9621
 /usr/share/metasploit-framework/modules/exploits/linux/http/zimbra_xxe_rce.rb:CVE-2019-9670
 /usr/share/metasploit-framework/modules/exploits/linux/http/zyxel_ztp_rce.rb:CVE-2022-30525
@@ -877,6 +892,9 @@
 /usr/share/metasploit-framework/modules/exploits/linux/local/ufo_privilege_escalation.rb:CVE-2017-1000112
 /usr/share/metasploit-framework/modules/exploits/linux/local/vmware_alsa_config.rb:CVE-2017-4915
 /usr/share/metasploit-framework/modules/exploits/linux/local/vmware_mount.rb:CVE-2013-1662
+/usr/share/metasploit-framework/modules/exploits/linux/local/vmware_workspace_one_access_certproxy_lpe.rb:CVE-2022-31660
+/usr/share/metasploit-framework/modules/exploits/linux/local/zimbra_slapper_priv_esc.rb:CVE-2022-37393
+/usr/share/metasploit-framework/modules/exploits/linux/local/zyxel_suid_cp_lpe.rb:CVE-2022-30526
 /usr/share/metasploit-framework/modules/exploits/linux/misc/aerospike_database_udf_cmd_exec.rb:CVE-2020-13151
 /usr/share/metasploit-framework/modules/exploits/linux/misc/asus_infosvr_auth_bypass_exec.rb:CVE-2014-9583
 /usr/share/metasploit-framework/modules/exploits/linux/misc/cisco_rv340_sslvpn.rb:CVE-2022-20699
@@ -1917,6 +1935,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/games/racer_503beta5.rb:CVE-2007-4370
 /usr/share/metasploit-framework/modules/exploits/windows/games/ut2004_secure.rb:CVE-2004-0608
 /usr/share/metasploit-framework/modules/exploits/windows/http/adobe_robohelper_authbypass.rb:CVE-2009-3068
+/usr/share/metasploit-framework/modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb:CVE-2022-2143
 /usr/share/metasploit-framework/modules/exploits/windows/http/advantech_iview_unauth_rce.rb:CVE-2021-22652
 /usr/share/metasploit-framework/modules/exploits/windows/http/altn_securitygateway.rb:CVE-2008-4193
 /usr/share/metasploit-framework/modules/exploits/windows/http/altn_webadmin.rb:CVE-2003-0471
@@ -1956,7 +1975,8 @@
 /usr/share/metasploit-framework/modules/exploits/windows/http/ektron_xslt_exec.rb:CVE-2012-5357
 /usr/share/metasploit-framework/modules/exploits/windows/http/ektron_xslt_exec_ws.rb:CVE-2015-0923
 /usr/share/metasploit-framework/modules/exploits/windows/http/ericom_access_now_bof.rb:CVE-2014-3913
-/usr/share/metasploit-framework/modules/exploits/windows/http/exchange_chainedserializationbinder_denylist_typo_rce.rb:CVE-2021-42321
+/usr/share/metasploit-framework/modules/exploits/windows/http/exchange_chainedserializationbinder_rce.rb:CVE-2021-42321
+/usr/share/metasploit-framework/modules/exploits/windows/http/exchange_chainedserializationbinder_rce.rb:CVE-2022-23277
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_dlp_policy.rb:CVE-2020-16875
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_dlp_policy.rb:CVE-2020-17132
 /usr/share/metasploit-framework/modules/exploits/windows/http/exchange_ecp_viewstate.rb:CVE-2020-0688
@@ -2018,6 +2038,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb:CVE-2012-1195
 /usr/share/metasploit-framework/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb:CVE-2012-1196
 /usr/share/metasploit-framework/modules/exploits/windows/http/lexmark_markvision_gfd_upload.rb:CVE-2014-8741
+/usr/share/metasploit-framework/modules/exploits/windows/http/manageengine_adaudit_plus_cve_2022_28219.rb:CVE-2022-28219
 /usr/share/metasploit-framework/modules/exploits/windows/http/manageengine_adselfservice_plus_cve_2021_40539.rb:CVE-2021-40539
 /usr/share/metasploit-framework/modules/exploits/windows/http/manageengine_adselfservice_plus_cve_2022_28810.rb:CVE-2022-28810
 /usr/share/metasploit-framework/modules/exploits/windows/http/manageengine_appmanager_exec.rb:CVE-2018-7890
@@ -2085,6 +2106,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/http/zentao_pro_rce.rb:CVE-2020-7361
 /usr/share/metasploit-framework/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb:CVE-2011-2653
 /usr/share/metasploit-framework/modules/exploits/windows/http/zenworks_uploadservlet.rb:CVE-2010-5324
+/usr/share/metasploit-framework/modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb:CVE-2022-35405
 /usr/share/metasploit-framework/modules/exploits/windows/ibm/ibm_was_dmgr_java_deserialization_rce.rb:CVE-2019-4279
 /usr/share/metasploit-framework/modules/exploits/windows/iis/iis_webdav_scstoragepathfromurl.rb:CVE-2017-7269
 /usr/share/metasploit-framework/modules/exploits/windows/iis/ms01_023_printer.rb:CVE-2001-0241
@@ -2281,6 +2303,7 @@
 /usr/share/metasploit-framework/modules/exploits/windows/misc/stream_down_bof.rb:CVE-2011-5052
 /usr/share/metasploit-framework/modules/exploits/windows/misc/tiny_identd_overflow.rb:CVE-2007-2711
 /usr/share/metasploit-framework/modules/exploits/windows/misc/trendmicro_cmdprocessor_addtask.rb:CVE-2011-5001
+/usr/share/metasploit-framework/modules/exploits/windows/misc/unified_remote_rce.rb:CVE-2022-3229
 /usr/share/metasploit-framework/modules/exploits/windows/misc/veeam_one_agent_deserialization.rb:CVE-2020-10914
 /usr/share/metasploit-framework/modules/exploits/windows/misc/veeam_one_agent_deserialization.rb:CVE-2020-10915
 /usr/share/metasploit-framework/modules/exploits/windows/misc/vmhgfs_webdav_dll_sideload.rb:CVE-2016-5330
@@ -2443,6 +2466,7 @@
 /usr/share/metasploit-framework/modules/post/hardware/automotive/pdt.rb:CVE-2017-14937
 /usr/share/metasploit-framework/modules/post/linux/dos/xen_420_dos.rb:CVE-2012-5525
 /usr/share/metasploit-framework/modules/post/linux/gather/haserl_read.rb:CVE-2021-29133
+/usr/share/metasploit-framework/modules/post/linux/gather/mimipenguin.rb:CVE-2018-20781
 /usr/share/metasploit-framework/modules/post/multi/escalate/cups_root_file_read.rb:CVE-2012-5519
 /usr/share/metasploit-framework/modules/post/multi/sap/smdagent_get_properties.rb:CVE-2019-0307
 /usr/share/metasploit-framework/modules/post/osx/escalate/tccbypass.rb:CVE-2020-9934

diff --git a/helpers/helpers_emba_prepare.sh b/helpers/helpers_emba_prepare.sh
@@ -52,7 +52,7 @@ log_folder()
     fi
 
     # we check the found sha512 hash with the firmware to test:
-    if [[ -f "$LOG_DIR"/csv_logs/p02_firmware_bin_file_check.csv ]]; then
+    if [[ -f "$LOG_DIR"/csv_logs/p02_firmware_bin_file_check.csv ]] && [[ -f "$FIRMWARE_PATH" ]]; then
       STORED_SHA512=$(grep "SHA512" "$LOG_DIR"/csv_logs/p02_firmware_bin_file_check.csv | cut -d\; -f2)
       FW_SHA512=$(sha512sum "$FIRMWARE_PATH" | awk '{print $1}')
       if [[ "$STORED_SHA512" == "$FW_SHA512" ]]; then