This Metasploit module exploits a default misconfiguration flaw on Apache Karaf versions 2.x-4.x. The karaf user has a known default password, which can be used to login to the SSH service, and execute operating system commands from remote.
93b9fb220a19ac22dc6c94500a58d43ee94d2a078a4193befda584fd4f7ae958
There exists a buffer overflow vulnerability in certain Cable Modem Spectrum Analyzer interfaces. This overflow is exploitable, but since an exploit would differ between every make, model, and firmware version (which also differs from ISP to ISP), this module simply causes a Denial of Service to test if the vulnerability is present.
b7604d571b378375183400dccd7016ba02cc92e050e57bbc99271090eb17cb60
The TP-Link SC2020n Network Video Camera is vulnerable to OS Command Injection via the web interface. By firing up the telnet daemon, it is possible to gain root on the device. The vulnerability exists at /cgi-bin/admin/servetest, which is accessible with credentials.
6d9bcf28b50744ae1b54ed55f4fdaa3d592c14f7b0231ff8fe3e82e0cf7640ca
The D-Link DCS-930L Network Video Camera is vulnerable to OS Command Injection via the web interface. The vulnerability exists at /setSystemCommand, which is accessible with credentials. This vulnerability was present in firmware version 2.01 and fixed by 2.12.
be240e5ce556625bff02587580565e9c43078802e56197d7552916b159aefcf1