Merge pull request rapid7#19810 from h00die/fix_loadmaster_2024

bwatters-r7 · web-flow · commit 66d657f385db · 2025-02-18T19:34:00.000-06:00
Fix loadmaster privesc check method and refs
diff --git a/modules/exploits/linux/local/progress_kemp_loadmaster_sudo_privesc_2024.rb b/modules/exploits/linux/local/progress_kemp_loadmaster_sudo_privesc_2024.rb
@@ -32,7 +32,8 @@ def initialize(info = {})
         'License' => MSF_LICENSE,
         'References' => [
           ['URL', 'https://rhinosecuritylabs.com/research/cve-2024-1212unauthenticated-command-injection-in-progress-kemp-loadmaster/'],
-          ['URL', 'https://kemptechnologies.com/kemp-load-balancers']
+          ['URL', 'https://kemptechnologies.com/kemp-load-balancers'],
+          ['CVE', '2024-1212']
         ],
         'DisclosureDate' => '2024-03-19',
         'Notes' => {
@@ -84,13 +85,12 @@ def initialize(info = {})
 
   def check
     score = 0
-    score += 1 if read_file('/usr/wui/index.js').include?('KEMP')
-    score += 1 if read_file('/etc/motd').include?('Kemp LoadMaster')
-    score += 1 if exists?('/usr/wui/eula.kemp.html')
-    vprint_status("Found #{score} indicators this is a KEMP product")
-    return CheckCode::Detected if score > 0
+    score += 1 if file?('/usr/wui/index.js') && read_file('/usr/wui/index.js').include?('KEMP')
+    score += 1 if file?('/etc/motd') && read_file('/etc/motd').include?('Kemp LoadMaster')
+    score += 1 if file?('/usr/wui/eula.kemp.html')
+    return CheckCode::Detected("Found #{score} indicators this is a KEMP product") if score > 0
 
-    return CheckCode::Safe
+    CheckCode::Safe("Found #{score} indicators this is a KEMP product")
   end
 
   def verify_copy(src, dest, elevate)
