CVE-2022-35631
Filesystem race on temporary files
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.
Productos afectados
Rapid7 · Velociraptor¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →