automatic module_metadata_base.json update

db/modules_metadata_base.json

@@ -31865,6 +31865,35 @@
     "is_install_path": true,
     "ref_name": "linux/http/hp_system_management"
   },
+  "exploit_linux/http/hp_van_sdn_cmd_inject": {
+    "name": "HP VAN SDN Controller Root Command Injection",
+    "full_name": "exploit/linux/http/hp_van_sdn_cmd_inject",
+    "rank": 600,
+    "disclosure_date": "2018-06-25",
+    "type": "exploit",
+    "author": [
+      "Matt Bergin",
+      "wvu <wvu@metasploit.com>"
+    ],
+    "description": "This module exploits a hardcoded service token or default credentials\n        in HPE VAN SDN Controller <= 2.7.18.0503 to execute a payload as root.\n\n        A root command injection was discovered in the uninstall action's name\n        parameter, obviating the need to use sudo for privilege escalation.\n\n        If the service token option TOKEN is blank, USERNAME and PASSWORD will\n        be used for authentication. An additional login request will be sent.",
+    "references": [
+      "EDB-44951",
+      "URL-https://korelogic.com/Resources/Advisories/KL-001-2018-008.txt"
+    ],
+    "is_server": true,
+    "is_client": false,
+    "platform": "Linux,Unix",
+    "arch": "x86, x64",
+    "rport": "8081",
+    "targets": [
+      "Unix In-Memory",
+      "Linux Dropper"
+    ],
+    "mod_time": "2018-07-05 13:30:55 +0000",
+    "path": "/modules/exploits/linux/http/hp_van_sdn_cmd_inject.rb",
+    "is_install_path": true,
+    "ref_name": "linux/http/hp_van_sdn_cmd_inject"
+  },
   "exploit_linux/http/huawei_hg532n_cmdinject": {
     "name": "Huawei HG532n Command Injection",
     "full_name": "exploit/linux/http/huawei_hg532n_cmdinject",