Full title: SpamTitan 7.07 Command Injection Exploit 
Category: web applications
Platform: php
This Metasploit module exploits an improper input sanitization in SpamTitan versions 7.01, 7.02, 7.03 and 7.07 to inject command directives into the SNMP configuration file and get remote code execution as root. Note that only version 7.03 needs authentication and no authentication is required for versions 7.01, 7.02 and 7.07.

# 0day.today @ http://0day.today/