Vulnerability & Exploit Database

Back to search

IPFire proxy.cgi RCE

IPFire, a free linux based open source firewall distribution, version < 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/http/ipfire_oinkcode_exec

Authors

  • h00die <mike [at] stcyrsecurity.com>
  • 0x09AL

References

Targets

  • Automatic Target

Platforms

  • unix

Architectures

  • cmd

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/http/ipfire_oinkcode_exec msf exploit(ipfire_oinkcode_exec) > show targets ...targets... msf exploit(ipfire_oinkcode_exec) > set TARGET <target-id> msf exploit(ipfire_oinkcode_exec) > show options ...show and set options... msf exploit(ipfire_oinkcode_exec) > exploit