VYPR
researchPublished Jul 3, 2026· Updated Jul 4, 2026· 1 source

Metasploit Framework Bolsters Arsenal with New Exploits and Payloads

Rapid7's Metasploit Framework receives a significant update, introducing modules for upgrading SMB sessions to Meterpreter, an RCE exploit for Peyara Remote Mouse, and a new payload for Linux loongarch64 systems.

The Metasploit Framework, a cornerstone tool for penetration testers and security researchers, has been updated with several new modules designed to enhance its offensive and defensive capabilities. This latest release from Rapid7 introduces novel ways to escalate privileges, exploit specific vulnerabilities, and expand platform support.

One of the key additions is a module developed by Metasploit contributor Dean Welch that facilitates the upgrade of existing SMB sessions to the more powerful Meterpreter payload. This is achieved through the use of PsExec, a well-known utility for remote administration. Users can leverage the windows/manage/smb_to_meterpreter module by specifying the session ID they wish to upgrade, or by using the sessions -u <session_id> command. This enhancement is part of a broader initiative to allow for the seamless transition of various session types into Meterpreter, providing greater flexibility during post-exploitation activities.

A significant new exploit module targets Peyara Remote Mouse version 1.0.1. Developed by capture0x and available under windows/misc/peyara_remote_mouse_rce, this module allows for unauthenticated remote code execution. This vulnerability could enable attackers to gain control over systems running the vulnerable version of the remote mouse software without needing any prior credentials, posing a considerable risk to users who employ this application for remote control.

Expanding its reach into different architectures, Metasploit has also gained a new payload for Linux systems utilizing the loongarch64 architecture. The linux/loongarch64/exec command payload, contributed by bcoles and modexp, allows attackers to execute arbitrary commands on compromised loongarch64 Linux devices. This addition is crucial for security professionals testing the resilience of systems built on this increasingly adopted architecture.

Beyond these new exploit and payload modules, the update also includes several enhancements and bug fixes. One notable enhancement, contributed by zeroSteiner, adds authentication support to the MCP server's HTTP transport by default, improving security and control over network services. Additionally, bug fixes address issues such as a crash in the scanner/discovery/udp_sweep module on Windows and incorrect debug information display for SSH sessions.

These updates underscore the continuous development and maintenance of the Metasploit Framework, ensuring it remains a relevant and powerful tool in the cybersecurity landscape. The addition of new exploit modules, particularly for less common vulnerabilities like the Peyara Remote Mouse RCE, and the expansion of platform support, such as the loongarch64 payload, demonstrate Rapid7's commitment to providing security professionals with the latest tools to identify and address potential security weaknesses.

The framework's ongoing evolution, driven by both internal development and community contributions, ensures that it keeps pace with emerging threats and vulnerabilities. By regularly updating its module library, Metasploit empowers security teams to conduct more comprehensive and effective penetration tests, thereby strengthening overall cybersecurity postures.

Synthesized by Vypr AI