CVE-2026-5463: CWE-77 Improper neutralization of special elements leading to command injection in Dan McInerney pymetasploit3
Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended commands, potentially leading to arbitrary command execution and manipulation of Metasploit sessions.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-5463) in Dan McInerney's pymetasploit3 library arises from improper neutralization of special elements (CWE-77) in the console.run_module_with_output() function. Attackers can inject newline characters into module options such as RHOSTS, breaking the intended command syntax and causing the Metasploit console to execute additional unintended commands. This results in potential arbitrary command execution and unauthorized manipulation of Metasploit sessions. The issue affects versions through 1.0.6 and has a CVSS 4.0 score of 9.3, indicating critical severity.
Potential Impact
Successful exploitation can lead to arbitrary command execution within the Metasploit console environment, allowing attackers to manipulate Metasploit sessions beyond intended control. This could compromise the integrity and security of the system running pymetasploit3 and potentially affect any connected infrastructure managed through Metasploit.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should avoid passing untrusted input to the console.run_module_with_output() function, especially in module options like RHOSTS, to prevent injection of newline characters. Monitor official channels for updates or patches from the pymetasploit3 maintainer.
CVE-2026-5463: CWE-77 Improper neutralization of special elements leading to command injection in Dan McInerney pymetasploit3
Description
Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended commands, potentially leading to arbitrary command execution and manipulation of Metasploit sessions.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-5463) in Dan McInerney's pymetasploit3 library arises from improper neutralization of special elements (CWE-77) in the console.run_module_with_output() function. Attackers can inject newline characters into module options such as RHOSTS, breaking the intended command syntax and causing the Metasploit console to execute additional unintended commands. This results in potential arbitrary command execution and unauthorized manipulation of Metasploit sessions. The issue affects versions through 1.0.6 and has a CVSS 4.0 score of 9.3, indicating critical severity.
Potential Impact
Successful exploitation can lead to arbitrary command execution within the Metasploit console environment, allowing attackers to manipulate Metasploit sessions beyond intended control. This could compromise the integrity and security of the system running pymetasploit3 and potentially affect any connected infrastructure managed through Metasploit.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should avoid passing untrusted input to the console.run_module_with_output() function, especially in module options like RHOSTS, to prevent injection of newline characters. Monitor official channels for updates or patches from the pymetasploit3 maintainer.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TuranSec
- Date Reserved
- 2026-04-03T04:28:08.555Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69cf4ec6e6bfc5ba1d767352
Added to database: 4/3/2026, 5:23:18 AM
Last enriched: 4/3/2026, 5:30:55 AM
Last updated: 4/3/2026, 8:46:35 AM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.