CVE-2012-10028

This Metasploit module exploits a remote command execution vulnerability in Netwin SurgeFTP by authenticating to the web-based administrative console and sending a crafted POST request to execute arbitrary commands via the 'authent_process' parameter.

This Metasploit module exploits a command injection vulnerability in SurgeFTP's web-based administrative console by sending a crafted POST request to the `/cgi/surgeftpmgr.cgi` endpoint with an arbitrary command embedded in the `authent_process` parameter.

This Metasploit module exploits a vulnerability in Netwin SurgeFTP (version 23c8 or prior) to achieve remote command execution. It leverages authenticated access to the web-based administrative console to execute arbitrary commands via the `surgeftpmgr.cgi` endpoint.