SolarWinds Storage Manager Server SQL Injection Authentication Bypass Exploit

This module exploits a vulnerability in the SolarWinds Storage Manager Server. The LoginServlet page available on port 9000 is vulnerable to SQL injection via the loginName field. An attacker can send a specially crafted username and execute arbitrary SQL commands leading to remote code execution.
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-51501
Product Version: 
12.0
Released Date: 
Wednesday, April 11, 2012 - 00:00