| Name | idrac_appweb_rce |
| CVE | CVE-2018-1207 |
| Exploit Pack | CANVAS |
| Description | iDrac8 WebApp RCE |
| Notes | CVE Name: CVE-2018-1207 NOTES: This module exploits a CGI Injection vulnerability in iDRAC8 in order to achieve Remote Code Execution. We upload a shared library that we can then invoke with the CGI injection vulnerability. Type of payloads currently supported by this module: - BINDSHELL - CALLBACK (MOSDEF) CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2018-1207 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |