CVE-2022-35631
Filesystem race on temporary files
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.
Affected products
Rapid7 · VelociraptorWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →