Fix up module description to have better sentence structure and English and to also include the actual versions of the products that were affected in addition to the firmware versions. This prevents people from having to read the documentation to find affected targets

2020-08-13 15:18:10 -05:00 · 2020-08-13 15:18:10 -05:00 · c59b3835f9
parent dc21773f10
commit c59b3835f9
1 changed files with 6 additions and 6 deletions
--- a/modules/exploits/linux/http/geutebruck_testaction_exec.rb
+++ b/modules/exploits/linux/http/geutebruck_testaction_exec.rb
@ -14,15 +14,15 @@ class MetasploitModule < Msf::Exploit::Remote
        info,
        'Name' => 'Geutebruck testaction.cgi Remote Command Execution',
        'Description' => %q{
-          This module exploits an arbitrary command execution vulnerability. The
+          This module exploits an authenticated arbitrary command execution vulnerability within the
-          vulnerability exists in the /uapi-cgi/testaction.cgi page and allows an
+          /uapi-cgi/testaction.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, 
-          authenticated user to execute arbitrary commands with root privileges.
+          ETHC-22xx, and EWPC-22xx devices running firmware versions <= 1.12.0.25 as well as firmware 
-          Firmware <= 1.12.0.25 and also the 1.12.13.2 and the 1.12.14.5 "limited versions" are concerned.
+          versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as
-          Tested on 5.02024 G-Cam/EFD-2250 running 1.12.14.5 firmware.
+          the root user.
        },
        'Author' =>
          [
-            'Davy Douhine'
+            'Davy Douhine' # ddouhine
          ],
        'License' => MSF_LICENSE,
        'References' =>