Metasploit Pro Version 4.22.8-20251014 Release Notes

Software release date: October 14, 2025 | Release notes published: October 15, 2025

New module content

  • #20507  - We’ve added an unauthenticated remote code execution exploit for Commvault, allowing you to identify critical vulnerabilities (CVE-2025-57790, CVE-2025-57791, CVE-2025-57788) in your environment.
  • #20518  - New auxiliary modules for NTLM leaks provide greater insight into potential credential exposure.
  • #20536  - We’ve introduced new modules for Docker image persistence and exploiting overloaded systemd services.
  • #20538  - Introducing a new persistence module that exploits overloading systemd services. The module creates an override.conf in the /etc directory for a specific systemd service. Once the service is restarted, it runs the malicious payload from override.conf. Note that the module requires root access.
  • #20559  - A new SQLi module for FreePBX (CVE-2025-57819) enables the detection of remote code execution through SQL injection.
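
To check a host for the kind of change the #20538 module makes, the following added example (not part of the release notes or of Metasploit) lists every command-running directive set by a systemd service drop-in file. It assumes the standard drop-in layout /etc/systemd/system/<unit>.service.d/*.conf, which the notes do not spell out; the sample tree in demo() is constructed.

```python
import os
import tempfile

# Directives in a [Service] section that make systemd run a command.
EXEC_KEYS = ("ExecStart", "ExecStartPre", "ExecStartPost",
             "ExecStop", "ExecStopPost", "ExecReload")

def find_exec_overrides(root="/etc/systemd/system"):
    """Return (path, directive, command) for each Exec* line in a service drop-in."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if not dirpath.endswith(".service.d"):
            continue
        for name in sorted(files):
            if not name.endswith(".conf"):
                continue
            path = os.path.join(dirpath, name)
            section = None
            with open(path, encoding="utf-8", errors="replace") as fh:
                for raw in fh:
                    line = raw.strip()
                    if not line or line[0] in "#;":
                        continue
                    if line.startswith("[") and line.endswith("]"):
                        section = line[1:-1]
                        continue
                    key, sep, value = line.partition("=")
                    # An empty value only resets the list, so it is not reported.
                    if (section == "Service" and sep
                            and key.strip() in EXEC_KEYS and value.strip()):
                        findings.append((path, key.strip(), value.strip()))
    return findings

def demo():
    """Constructed sample tree: one benign drop-in, one that replaces ExecStart."""
    root = tempfile.mkdtemp()
    samples = {
        "cron.service.d/limits.conf": "[Service]\nLimitNOFILE=4096\n",
        "ssh.service.d/override.conf":
            "[Service]\nExecStart=\nExecStart=/tmp/constructed-sample\n",
    }
    for rel, body in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path))
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    return [(os.path.relpath(p, root), k, v) for p, k, v in find_exec_overrides(root)]
```

Administrators also create drop-ins legitimately, so each finding needs to be compared against the expected configuration for that service.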

Enhancements and features

  • Pro: Improves the performance of the project listing page, project dashboard, and the related vulnerabilities overview page.
  • Pro: Users are clearly notified when root access is required for certain command-line tools.
  • #20517  - We’ve added SSL support to the PostgreSQL login scanner, broadening its applicability, and integrated MITRE ATT&CK technique T1003 references to help you quickly map modules to specific attack patterns for more effective threat emulation.
  • #20533  - This adds references to relevant module content for MITRE ATT&CK technique T1003 and sub-techniques, enabling users to quickly identify module content to emulate a particular attack.
  • #20566  - The esc_update_ldap module has been refined to intelligently manage shadow credentials and improve its efficiency.

Bugs fixed

  • Pro: Improves error details when the Passive Network Discovery MetaModule encounters errors when attempting to run.
  • Pro: Improves the backup system to increase reliability and memory efficiency. This is especially beneficial for customers with large datasets or in environments that have limited system resources. Existing backup files remain fully compatible with this update.
  • Pro: Fixes a bug that stopped the social engineering campaign pages from loading.
  • Pro: Fixes a bug which caused uninstall issues on Linux systems without systemd present.
  • Pro: Fixes a bug which caused Metasploit Pro’s backup capabilities to miss files when performing a backup with nested folders present.
  • #20535  - Fixes a bug where login scanners were not honoring the ANONYMOUS_LOGIN module option.
  • #20548  - Fixes an issue while performing Samba share iteration in linux/samba/is_known_pipename.
  • #20553  - This fixes a bug that was preventing the private type of stored credentials from being omitted in certain conditions.
  • #20557  - Fixes an issue in modules that had a multi-value RHOSTS value present which led to errors when reporting exploits. This resolves the issue by verifying that RHOSTS is a valid IP address.
  • #20561  - Fixes a crash when running modules that reported notes with no data present, such as the admin/mssql/mssql_enum and scanner/http/wordpress_scanner modules.
  • #20562  - Fixes a bug in the WebLogic version identification logic when a - character was present in the version details.

Offline Update

Metasploit Framework and Pro Installers