Back to Blog
Products and Tools

Metasploit Wrap-Up 07/03/2025

Jack Heysel
Jack Heysel
|Last updated on Jul 3, 2025|1 min read
LinkedInFacebookX
Metasploit Wrap-Up 07/03/2025

New Skyvern RCE

A new module has landed this week targeting Skyvern versions 0.1.84 and below, exploiting a server-side template injection (SSTI) vulnerability to gain remote code execution. Tracked as CVE-2025-49619, the issue lets an authenticated user upload a malicious workflow that executes arbitrary commands on the server. The exploit abuses Python internals exposed through a templating engine to run the payload. If you’ve got a valid API key, this one is reliable, stealthy, and effective.

New module content (1)

Skyvern SSTI Remote Code Execution

Authors: Cristian Branet and msutovsky-r7 Type: Exploit Pull request: #20341 contributed by msutovsky-r7 Path: linux/http/skyvern_ssti_cve_2025_49619 AttackerKB reference: CVE-2025-49619

Description: Adds a new exploits/linux/http/skyvern_ssti_cve_2025_49619 module for exploiting a server side template injection vulnerability in Skyvern <= 0.1.84. It requires an API_KEY to create a malicious workflow and gain remote code execution.

Enhancements and features (1)

  • #20289 from cgranleese-r7 - This adds support to Metasploit's module references to tag content with IDs from the MITRE ATT&CK framework. This also adds search capabilities for these new IDs that are aware of their hierarchical structure.

Bugs fixed (2)

  • #20346 from zeroSteiner - This fixes an issue with the php_fpm_rce module, which stopped working after adding a new encoder that increased the size of payload. This addresses this issue and substitutes the original encoder for smaller base64 encoder.
  • #20362 from sjanusz-r7 - Fixes a crash when running the modules/auxiliary/scanner/ssl/bleichenbacher_oracle module with an older version of Python.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro

Article Tags

Author

Jack Heysel
Jack Heysel
Authors's Posts

Related blog posts