CVE-2012-10048

This Metasploit module exploits a command execution vulnerability in Zenoss 3.x by leveraging the 'showDaemonXMLConfig' endpoint, which passes user-controlled input from the 'daemon' parameter to a Popen() call. It requires authentication and executes arbitrary commands under the context of the 'zenoss' user.

This Metasploit module exploits a command execution vulnerability in Zenoss 3.x by leveraging the show_daemon_xml_configs() function in ZenossInfo.py, which calls Popen() with user-controlled data from the 'daemon' parameter. It sends a crafted POST request to execute arbitrary commands under the context of the 'zenoss' user.

This exploit demonstrates multiple vulnerabilities in Zenoss 3.2.1 and prior, including command execution, XSS, open redirect, directory traversal, and information disclosure. The PoC provides URLs to exploit these issues without requiring authentication.