This Metasploit module exploits a command injection in Apache Continuum versions 1.4.2 and below. By injecting a command into the installation.varValue POST parameter to /continuum/saveInstallation.action, a shell can be spawned.
cf845d6fbc3b09514ed47ba1ed811ff6c6d343b0941a626f3ff4522492ad83c7