Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
[
{
"product": "Metasploit Pro",
"vendor": "Rapid7",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 4.13.0-2017022101"
}
]
}
]