Vulnerability & Exploit Database

Back to search

IPFire proxy.cgi RCE

IPFire, a free linux based open source firewall distribution, version < 2.19 Update Core 101 contains a remote command execution vulnerability in the proxy.cgi page.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/http/ipfire_proxy_exec

Authors

  • h00die <mike [at] stcyrsecurity.com>
  • Yann CAM

References

Targets

  • Automatic Target

Platforms

  • unix

Architectures

  • cmd

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/http/ipfire_proxy_exec msf exploit(ipfire_proxy_exec) > show targets ...targets... msf exploit(ipfire_proxy_exec) > set TARGET <target-id> msf exploit(ipfire_proxy_exec) > show options ...show and set options... msf exploit(ipfire_proxy_exec) > exploit