From 37276446a62f09da4592a153aea6743ce6793147 Mon Sep 17 00:00:00 2001
From: sfewer-r7 <stephen_fewer@rapid7.com>
Date: Wed, 12 Feb 2025 17:22:43 +0000
Subject: [PATCH] improve the description for this option

---
 .../exploit/linux/http/beyondtrust_rce_cve_2024_12356.md    | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/documentation/modules/exploit/linux/http/beyondtrust_rce_cve_2024_12356.md b/documentation/modules/exploit/linux/http/beyondtrust_rce_cve_2024_12356.md
index f458505773..d17a2133c7 100644
--- a/documentation/modules/exploit/linux/http/beyondtrust_rce_cve_2024_12356.md
+++ b/documentation/modules/exploit/linux/http/beyondtrust_rce_cve_2024_12356.md
@@ -30,8 +30,10 @@ If set, use this FQDN value to identify the FQDN of the deployed site (e.g. `sup
 By default, this is auto discovered.
 
 ### LeverageCVE_2024_12356
-By default, this exploit does not leverage the argument injection vulnerability CVE-2024-12356. Enabling this
-option will cause this exploit to leverage CVE-2024-12356.
+By default, this exploit does not leverage the argument injection vulnerability CVE-2024-12356, and instead exploits the
+SQLi vulnerability CVE-2025-1094 directly. Enabling this option will cause this exploit to leverage CVE-2024-12356 during
+the exploitation of the SQLi vulnerability CVE-2025-1094. In either case the SQLi vulnerability CVE-2025-1094 is leveraged
+to achieve RCE.
 
 ## Scenarios