This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This Metasploit module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication.
b0b67649c40ca029b22826b4a8885851ba50ca7ed212e036f2e5e4e0db93816f