Full title: BYOB Unauthenticated Remote Code Execution Exploit Category: remote exploits Platform: multiple This Metasploit module exploits two vulnerabilities in the BYOB (Build Your Own Botnet) web GUI. It leverages an unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. It also uses an authenticated command injection in the payload generation page. These vulnerabilities remain unpatched. # 0day.today @ http://0day.today/