Описание
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.11.7 (включая) до 6.0.3 (исключая)
cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00326
Низкий
7.1 High
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-23
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
EPSS
Процентиль: 55%
0.00326
Низкий
7.1 High
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-23
CWE-22