Path traversal

2020-08-2419:15:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.7%

JSON

The Metasploit Framework module “post/osx/gather/enum_osx module” is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.

CPENameOperatorVersion
metasploitge4.11.7
metasploitlt6.0.3

CPE	Name	Operator	Version
	metasploit	ge	4.11.7
	metasploit	lt	6.0.3

References

github.com/rapid7/metasploit-framework/issues/14008