Remove false positive references

Author: cdelafuente-r7

modules/exploits/linux/http/asuswrt_lan_rce.rb

@@ -33,8 +33,7 @@ def initialize(info = {})
           ['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/advisories/asuswrt-lan-rce.txt'],
           ['URL', 'https://seclists.org/fulldisclosure/2018/Jan/78'],
           ['CVE', '2018-5999'],
-          ['CVE', '2018-6000'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['CVE', '2018-6000']
         ],
         'Targets' => [
           [

modules/exploits/linux/http/beyondtrust_pra_rs_unauth_rce.rb

@@ -29,8 +29,7 @@ def initialize(info = {})
           ['CVE', '2025-1094'], # The SQL injection in PostgreSQL code.
           ['URL', 'http://web.archive.org/web/20241226144006/https://www.beyondtrust.com/trust-center/security-advisories/bt24-10'], # BeyondTrust Advisory
           ['URL', 'https://www.postgresql.org/support/security/CVE-2025-1094/'], # PostgreSQL Advisory
-          ['URL', 'https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis'], # Rapid7 Analysis
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['URL', 'https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis'] # Rapid7 Analysis
         ],
         'DisclosureDate' => '2024-12-16',
         'Platform' => [ 'linux', 'unix' ],

modules/exploits/linux/misc/igel_command_injection.rb

@@ -35,9 +35,7 @@ def initialize(info = {})
         'References' => [
           [ 'CVE', '2025-34082' ],
           [ 'URL', 'https://kb.igel.com/securitysafety/en/isn-2021-01-igel-os-remote-command-execution-vulnerability-41449239.html' ],
-          [ 'URL', 'https://www.igel.com/wp-content/uploads/2021/02/lxos_11.04.270.txt' ],
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES ], # Telnet service
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_005_VNC ]
+          [ 'URL', 'https://www.igel.com/wp-content/uploads/2021/02/lxos_11.04.270.txt' ]
         ],
         'Platform' => ['linux'],
         'Arch' => [ARCH_X86, ARCH_X64],

modules/exploits/linux/ssh/ssh_erlangotp_rce.rb

@@ -37,8 +37,7 @@ def initialize(info = {})
           ['CVE', '2025-32433'],
           ['URL', 'https://x.com/Horizon3Attack/status/1912945580902334793'],
           ['URL', 'https://platformsecurity.com/blog/CVE-2025-32433-poc'],
-          ['URL', 'https://github.com/ProDefense/CVE-2025-32433'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_004_SSH]
+          ['URL', 'https://github.com/ProDefense/CVE-2025-32433']
         ],
         'Platform' => ['linux', 'unix'],
         'Arch' => [ARCH_CMD],

modules/exploits/multi/http/atlassian_confluence_rce_cve_2024_21683.rb

@@ -34,8 +34,7 @@ def initialize(info = {})
           ['CVE', '2024-21683'],
           ['URL', 'https://jira.atlassian.com/browse/CONFSERVER-95832'],
           ['URL', 'https://realalphaman.substack.com/p/quick-note-about-cve-2024-21683-authenticated'],
-          ['URL', 'https://github.com/W01fh4cker/CVE-2024-21683-RCE'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['URL', 'https://github.com/W01fh4cker/CVE-2024-21683-RCE']
         ],
         'DisclosureDate' => '2024-05-21',
         'Privileged' => false, # `NT AUTHORITY\NETWORK SERVICE` on Windows by default, `confluence` on Linux by default.

modules/exploits/multi/http/connectwise_screenconnect_rce_cve_2024_1709.rb

@@ -31,8 +31,7 @@ def initialize(info = {})
           ['CVE', '2024-1709'], # Auth bypass to create admin account.
           ['URL', 'https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8'], # Vendor Advisory
           ['URL', 'https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc/'], #  Auth Bypass PoC
-          ['URL', 'https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass'], #  Analysis of both CVEs
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['URL', 'https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass'] #  Analysis of both CVEs
         ],
         'DisclosureDate' => '2024-02-19',
         'Platform' => %w[win linux unix],

modules/exploits/multi/misc/bmc_server_automation_rscd_nsh_rce.rb

@@ -31,8 +31,7 @@ def initialize(info = {})
           ['URL', 'https://nickbloor.co.uk/2018/01/01/rce-with-bmc-server-automation/'],
           ['URL', 'https://nickbloor.co.uk/2018/01/08/improving-the-bmc-rscd-rce-exploit/'],
           ['CVE', '2016-1542'],
-          ['CVE', '2016-1543'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['CVE', '2016-1543']
         ],
         'DisclosureDate' => '2016-03-16',
         'Privileged' => false,

modules/exploits/osx/http/remote_for_mac_rce.rb

@@ -22,8 +22,7 @@ def initialize(info = {})
         'Author' => ['Chokri Hammedi (@blue0x1)'],
         'References' => [
           ['CVE', '2025-34089'],
-          ['PACKETSTORM', '195347'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES]
+          ['PACKETSTORM', '195347']
         ],
         'DisclosureDate' => '2025-05-27',
         'Platform' => ['unix', 'osx'],

modules/exploits/solaris/telnet/fuser.rb

@@ -22,8 +22,7 @@ def initialize(info = {})
         'References' => [
           [ 'CVE', '2007-0882' ],
           [ 'OSVDB', '31881'],
-          [ 'BID', '22512' ],
-          [ 'ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES ],
+          [ 'BID', '22512' ]
         ],
         'Privileged' => false,
         'Platform' => %w[solaris unix],

modules/exploits/solaris/telnet/ttyprompt.rb

@@ -22,8 +22,7 @@ def initialize(info = {})
         'References' => [
           ['CVE', '2001-0797'],
           ['OSVDB', '690'],
-          ['BID', '5531'],
-          ['ATT&CK', Mitre::Attack::Technique::T1021_REMOTE_SERVICES],
+          ['BID', '5531']
         ],
         'Privileged' => false,
         'Platform' => %w[solaris unix],