MetasploitThe latest #Metasploit Wrapup is here! 🎉 This week brings enhanced SMB NTLM relaying for better client compatibility (including smbclient), plus new modules for RCE in Eclipse Che (CVE-2025-12548), Barracuda ESG command injection (CVE-2023-2868), and an ESC/POS printer injector.
Check it out at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-27-2026/
Metasploit Wrap-Up 03/27/2026
This week's Metasploit update features enhanced SMB NTLM relay functionality for broader client compatibility, including Linux's smbclient, and the ability to relay RubySMB authentication to multiple targets. New module content includes exploits for: unauthenticated RCE in Eclipse Che machine-exec (CVE-2025-12548), a command injection in Barracuda ESG (CVE-2023-2868), and an unauthenticated ESC/POS printer command injector (CVE-2026-23767).