Fix up module description to have better sentence structure and English and to also include the actual versions of the products that were affected in addition to the firmware versions. This prevents people from having to read the documentation to find affected targets
This commit is contained in:
parent
dc21773f10
commit
c59b3835f9
|
@ -14,15 +14,15 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
info,
|
info,
|
||||||
'Name' => 'Geutebruck testaction.cgi Remote Command Execution',
|
'Name' => 'Geutebruck testaction.cgi Remote Command Execution',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module exploits an arbitrary command execution vulnerability. The
|
This module exploits an authenticated arbitrary command execution vulnerability within the
|
||||||
vulnerability exists in the /uapi-cgi/testaction.cgi page and allows an
|
/uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx,
|
||||||
authenticated user to execute arbitrary commands with root privileges.
|
ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware
|
||||||
Firmware <= 1.12.0.25 and also the 1.12.13.2 and the 1.12.14.5 "limited versions" are concerned.
|
versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as
|
||||||
Tested on 5.02024 G-Cam/EFD-2250 running 1.12.14.5 firmware.
|
the root user.
|
||||||
},
|
},
|
||||||
'Author' =>
|
'Author' =>
|
||||||
[
|
[
|
||||||
'Davy Douhine'
|
'Davy Douhine' # ddouhine
|
||||||
],
|
],
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'References' =>
|
'References' =>
|
||||||
|
|
Loading…
Reference in New Issue