This Metasploit module exploits an improper input sanitization in SpamTitan versions 7.01, 7.02, 7.03 and 7.07 to inject command directives into the SNMP configuration file and get remote code execution as root. Note that only version 7.03 needs authentication and no authentication is required for versions 7.01, 7.02 and 7.07.
3fb380f22740f3fda8c78a8b5b723600
SpamTitan version 7.07 suffers from an unauthenticated remote code execution vulnerability in snmp-x.php.
a3dbab90c996c6fb7053300bdca18311