Nostromo 1.9.6 Directory Traversal / Remote Command Execution
Posted on 31 October 2019
This Metasploit module exploits a remote command execution vulnerability in Nostromo versions 1.9.6 and below. This issue is caused by a directory traversal in the function http_verify in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request.