History: Aug 24, 2020 - 7:10 p.m.

CVE-2020-7377 Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module

2020-08-24 19:10:18
CWE-23
rapid7
www.cve.org
3
rapid7
metasploit framework
relative path traversal
telpho10_credential_dump
vulnerability
untar method
arbitrary files
host file system
malicious http server

CVSS3: 8.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

AI Score: 8.1
Confidence: High

EPSS: 0.001
Percentile: 39.3%

The Metasploit Framework module “auxiliary/admin/http/telpho10_credential_dump” is affected by a relative path traversal vulnerability in the untar method, which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run against a malicious HTTP server.

CNA Affected

[
  {
    "product": "Metasploit Framework",
    "vendor": "Rapid7",
    "versions": [
      {
        "lessThan": "4.12.40*",
        "status": "affected",
        "version": "4.12.40",
        "versionType": "custom"
      },
      {
        "lessThan": "6.0.3",
        "status": "affected",
        "version": "6.0.3",
        "versionType": "custom"
      }
    ]
  }
]
