This Metasploit module exploits a directory traversal vulnerability found in the LAquis SCADA application. The vulnerability is triggered when sending a series of dot dot slashes (../) to the vulnerable NOME parameter found on the listagem.laquis file. This Metasploit module was tested against version 4.1.0.2385.
ae0975440fb126f19c5ccc25be557789a6e620a677ff401fc17497d5b023dd68