Lucene search
K

6 matches found

OSV
OSV
added 2020/04/22 10:15 p.m.3 views

CVE-2020-7350

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

7.8CVSS7.1AI score0.04879EPSS
Exploits4References1
Cvelist
Cvelist
added 2020/04/22 9:25 p.m.32 views

CVE-2020-7350 Metasploit Framework Plugin Libnotify Command Injection

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

6.1CVSS7.9AI score0.04879EPSS
Exploits4References1
CVE
CVE
added 2020/04/22 9:25 p.m.116 views

CVE-2020-7350

CVE-2020-7350 affects Rapid7 Metasploit Framework libnotify plugin. Versions before 5.0.85 allow OS command injection via untrusted data in a remote hostname/service name; an attacker must supply a crafted file processed by db_import to trigger code execution on the operator’s terminal. A fix was...

7.8CVSS7AI score0.04879EPSS
Exploits4References1Affected Software1
0day.today
0day.today
added 2020/04/18 12:0 a.m.35 views

Metasploit Libnotify Arbitrary Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit Libnotify Plugin Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection vulnerability in the...

7.8CVSS0.4AI score0.04879EPSS
Exploits4
Circl
Circl
added 2020/04/16 9:12 p.m.8 views

CVE-2020-7350

creationtimestamp| type| source ---|---|--- 2020-04-16 21:12:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/fileformat/metasploitlibnotifycmdinjection.rb 2024-10-28 14:37:49+00:00| published-proof-of-concept|...

7.8CVSS7.5AI score0.04879EPSS
Exploits4References2
Metasploit
Metasploit
added 2020/04/16 4:28 p.m.22 views

Metasploit Libnotify Plugin Arbitrary Command Execution

This module exploits a shell command injection vulnerability in the libnotify plugin. This vulnerability affects Metasploit versions 5.0.79 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.8CVSS7.8AI score0.04879EPSS
Exploits4
Rows per page
Query Builder