Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

module

IBM Lotus Notes Client URL Handler Command Injection

Disclosed
Jun 18, 2012
Created
May 30, 2018

Description

This module exploits a command injection vulnerability in the URL handler for
for the IBM Lotus Notes Client a specially crafted notes:// URL to execute arbitrary commands with also arbitrary
arguments. This module has been tested successfully on Windows XP SP3 with IE8,
Google Chrome 23.0.1271.97 m and IBM Lotus Notes Client 8.5.2.

Authors

Moritz Jodeit
Sean de Regge
juan vazquez [email protected]

Platform

Windows

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


msf > use exploit/windows/browser/notes_handler_cmdinject
msf exploit(notes_handler_cmdinject) > show targets
...targets...
msf exploit(notes_handler_cmdinject) > set TARGET < target-id >
msf exploit(notes_handler_cmdinject) > show options
...show and set options...
msf exploit(notes_handler_cmdinject) > exploit

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.