This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the application is vulnerable. It is a feature made for the information in the tables to be exported to the server and imported later when required. Export operations contain the file_name parameter. This parameter is assigned as a variable between the server commands on the backend side. It allows command injection. Continue reading...