Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (3)

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it’s possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.

Leave a Reply