Barracuda Web Application Firewall 8.0.1.008 Post Auth Root

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it’s possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

Leave a Reply