From 981cc891bc92e46ac2a12763bde7b94188ac5c18 Mon Sep 17 00:00:00 2001
From: m-1-k-3
Date: Sun, 12 May 2013 20:07:32 +0200
Subject: [PATCH] description
---
 modules/exploits/linux/http/dlink_dir615_up_exec.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/modules/exploits/linux/http/dlink_dir615_up_exec.rb b/modules/exploits/linux/http/dlink_dir615_up_exec.rb
index aa805d5b1a..d5071d0a37 100644
--- a/modules/exploits/linux/http/dlink_dir615_up_exec.rb
+++ b/modules/exploits/linux/http/dlink_dir615_up_exec.rb
@@ -17,8 +17,14 @@ class Metasploit3 < Msf::Exploit::Remote
 def initialize(info = {})
 super(update_info(info,
- 'Name' => 'Dlink DIR615 Command Execution - Upload and Execute',
+ 'Name' => 'D-Link DIR615h Command Execution - Upload and Execute',
 'Description' => %q{
+ Some D-Link Routers are vulnerable to an authenticated OS command injection.
+ Default credentials for the web interface are admin/admin or admin/password. Since
+ it is a blind os command injection vulnerability, there is no output for the
+ executed command when using the cmd generic payload. A ping command against a
+ controlled system could be used for testing purposes. The exploit uses the wget
+ client from the device to download the payload.
 },
 'Author' => [
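Review bot: The new `'Description'` text opens with "Some D-Link Routers" while the `'Name'` line narrows the module to DIR615h, so a reader cannot tell which models or firmware versions were actually tested. The first description line should name them, for example `The D-Link DIR615h (firmware <tested version>) is vulnerable to an authenticated OS command injection.`, with the placeholder filled in by the author. The third added line writes "os command injection" in lower case where the first writes "OS"; `it is a blind OS command injection vulnerability, there is no output for the` keeps the two consistent. The `initialize` method continues past the end of the hunk, so its references and targets fields are not visible here.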