Geutebruck simple_loglistjs.cgi Remote Command Execution
Posted by deepcore on July 3, 2018 – 9:10 pm
This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.12.0.19 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.12.0.4 firmware.
Post a reply
You must be logged in to post a comment.