Vulnerability & Exploit Database

Back to search

Watchguard XCS Remote Command Execution

This module exploits two separate vulnerabilities found in the Watchguard XCS virtual appliance to gain command execution. By exploiting an unauthenticated SQL injection, a remote attacker may insert a valid web user into the appliance database, and get access to the web interface. On the other hand, a vulnerability in the web interface allows the attacker to inject operating system commands as the 'nobody' user.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/freebsd/http/watchguard_cmd_exec

Authors

  • Daniel Jensen <daniel.jensen [at] security-assessment.com>

References

Targets

  • Watchguard XCS 9.2/10.0

Platforms

  • bsd

Architectures

  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/freebsd/http/watchguard_cmd_exec msf exploit(watchguard_cmd_exec) > show targets ...targets... msf exploit(watchguard_cmd_exec) > set TARGET <target-id> msf exploit(watchguard_cmd_exec) > show options ...show and set options... msf exploit(watchguard_cmd_exec) > exploit