A new exploit named “Muraider” has been developed to automate the detection and exploitation of CVE-2024-32640, a SQL injection vulnerability found in Mura/Masa CMS. The tool, written in Python, leverages automation to identify and exploit the vulnerability, integrating with Ghauri for advanced exploitation capabilities. This makes it a significant threat for websites using the affected CMS versions.
The release of “Muraider” highlights the growing sophistication of automated exploitation tools, increasing the urgency for website administrators to patch vulnerabilities promptly. Security experts recommend immediate updates to Mura/Masa CMS installations and enhanced monitoring to detect potential exploitation attempts.