nostromo version 1.9.6 suffers from a remote code execution vulnerability.
71091ee1ce8b929485719940130d68fc23025355ec1a5988d19c8221e0aa77f8
This Metasploit module exploits a remote command execution vulnerability in Nostromo versions 1.9.6 and below. This issue is caused by a directory traversal in the function http_verify in nostromo nhttpd allowing an attacker to achieve remote code execution via a crafted HTTP request.
1baffab9687f81feac9fe65275eba574314a19a248d0ee583a4ac8f7f390b032