The Metasploit Framework module “post/osx/gather/enum_osx module” is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
CPE | Name | Operator | Version |
---|---|---|---|
metasploit | ge | 4.11.7 | |
metasploit | lt | 6.0.3 |