dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update geutebruck_testaction_exec.md 

or now... (forgot the msftidy_docs just before)
This commit is contained in:
ddouhine 2020-08-13 16:13:46 +02:00 committed by gwillcox-r7
parent e4f760691e
commit 42a2a77a7e
No known key found for this signature in database
GPG Key ID: D35E05C0F2B81E83
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
documentation/modules/exploit/linux/http/geutebruck_testaction_exec.md
View File

@ -1,6 +1,6 @@
## Vulnerable Application
The web interface of the following [Geutebruck](https://www.geutebrueck.com) products using firmware <= 1.12.0.25 and also the 1.12.13.2 and the 1.12.14.5 "limited versions" are concerned:
The following [Geutebruck](https://www.geutebrueck.com) products using firmware <= 1.12.0.25 and also the 1.12.13.2 and the 1.12.14.5:
Encoder and E2 Series Camera models:
G-Code:
EEC-2xxx
@ -27,7 +27,7 @@ This module has been tested on a Geutebruck 5.02024 G-Cam/EFD-2250 running 1.12.
### Description
This exploit a simple OS command injection (CVE-2020-16205) in the /uapi-cgi/admin/testaction.cgi page of the web interface of the Geutebruck G-Cam and G-Code products.
This exploit a simple OS command injection (CVE-2020-16205) in the /uapi-cgi/admin/testaction.cgi page of the web interface.
Here is the advisory: https://us-cert.cisa.gov/ics/advisories/icsa-20-219-03
## Verification Steps