This exploit does not exploit a vulnerability, but instead creates an aspx page. The page, if placed on an IIS server, establishes a shell connection when requested.
The user needs the ability to upload the resulting page to an IIS server. This exploit does not provide the mechanism to do so. When the page is requested, there may be a delay of a few seconds before the connection is established.