Vulnerability & Exploit Database

Back to search

MicroFocus Secure Messaging Gateway Remote Code Execution

This module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application without input validation and/or parameter binding, which leads to SQL injection vulnerability. Successfully exploiting this vulnerability gives a ability to add new user onto system. manage_domains_dkim_keygen_request.php endpoint is responsible for executing an operation system command. It's not possible to access this endpoint without having a valid session. Combining these vulnerabilities gives the opportunity execute operation system commands under the context of the web user.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • Mehmet Ince <mehmet [at]>



  • Automatic


  • php


  • php



Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/http/microfocus_secure_messaging_gateway msf exploit(microfocus_secure_messaging_gateway) > show targets ...targets... msf exploit(microfocus_secure_messaging_gateway) > set TARGET <target-id> msf exploit(microfocus_secure_messaging_gateway) > show options and set options... msf exploit(microfocus_secure_messaging_gateway) > exploit