fix three typos

Author: sfewer-r7

documentation/modules/exploit/multi/http/cleo_rce_cve_2024_55956.md

@@ -11,8 +11,8 @@ can be found [here](https://cleo-infoeng.s3.us-east-2.amazonaws.com/PDF/LexiCom/
 During testing of this module Cleo LexiCom was used. On Windows you will download the `install.exe` file and on Linux
 you will download the `install.bin` file. Running the installer to complete the installation. 
 
-By default, the HTTP service will listen on TCP port 5080, so you will need to allow inbound connection to this port
-in your firewall.
+By default, the HTTP service will listen on TCP port 5080, so you will need to allow inbound connections to this port
+from your firewall.
 
 If testing the default Windows payloads, you should disable Defender.
 

modules/exploits/multi/http/cleo_rce_cve_2024_55956.rb

@@ -35,7 +35,7 @@ def initialize(info = {})
         'DisclosureDate' => '2024-12-09',
         'Platform' => %w[java win linux unix],
         'Arch' => [ARCH_JAVA, ARCH_CMD],
-        'Privileged' => true, # 'NT AUTHORITY\SYSTEM' on Windows. On Linux it depends how the product was installed.
+        'Privileged' => true, # 'NT AUTHORITY\SYSTEM' on Windows. On Linux it depends on how the product was installed.
         'Targets' => [
           [
             # Tested against Cleo LexiCom/5.8.0.21 on Windows Server 2022, with payloads:
@@ -94,7 +94,7 @@ def check
 
     return CheckCode::Unknown('Connection failed') unless res
 
-    # We expect the server to respond with a HTTP Server header like "Cleo LexiCom/5.8.0.0 (Windows Server 2022)".
+    # We expect the server to respond with an HTTP Server header like "Cleo LexiCom/5.8.0.0 (Windows Server 2022)".
     # Note, the target product may be either LexiCom, VLTrader, or Harmony.
     if res.headers.key?('Server') && (res.headers['Server'] =~ %r{cleo\s+(\blexicom\b|\bvltrader\b|\bharmony\b)/(\d+\.\d+\.\d+\.\d+)}i)