This Metasploit module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as the root user.
4e45a5b58bb25a9e1400104eecea5f80262e1ed574a38b2fbeeaabd60cc42511