Full title: Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal 
Category: remote exploits
Platform: linux
This Metasploit module exploits a path traversal vulnerability in the "linuxpkgs" action of "agent" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier). It uploads a fake controller to the controllers directory of the Rails application with the encoded payload as an action and sends a request to this action to execute the payload. Optionally, it can also upload a routing file containing a route to the action. (Which is not necessary, since the application already contains a general default route.)

# 0day.today @ http://0day.today/