Roxy WI version 6.1.0.0 remote command execution exploit. This is a variant of the original disclosure of remote command execution in this version by Nuri Cilengir in April of 2023.
6cd2cb72c7cecd72ddfff4ac4a6371cf692a748e7944b6916cdfe762860b4a74
This Metasploit module exploits an unauthenticated command injection vulnerability in Roxy-WI versions prior to 6.1.1.0. Successful exploitation results in remote code execution under the context of the web server user. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers.
96d069f907bcd7cf304913bbed0abdeaec0d86467550d0c7535f3ee8826057d3