Vulnerability & Exploit Database

Back to search

WePresent WiPG-1000 Command Injection

This module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/http/wipg1000_cmd_injection

Authors

  • Matthias Brun

References

Targets

  • WiPG-1000 <=2.0.0.7

Platforms

  • unix

Architectures

  • cmd

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/http/wipg1000_cmd_injection msf exploit(wipg1000_cmd_injection) > show targets ...targets... msf exploit(wipg1000_cmd_injection) > set TARGET <target-id> msf exploit(wipg1000_cmd_injection) > show options ...show and set options... msf exploit(wipg1000_cmd_injection) > exploit