This Metasploit module exploits a command injection flaw to create a shell script on the filesystem and execute it. If GestioIP is configured to use no authentication, no password is required to exploit the vulnerability. Otherwise, an authenticated user is required to exploit…. This Metasploit module exploits a command injection flaw to create a shell script on the filesystem and execute it. If GestioIP is configured to use no authentication, no password is required to exploit the vulnerability. Otherwise, an authenticated user is required to exploit.

Read more http://packetstormsecurity.com/files/123532/gestioip_exec.rb.txt