CVE-2020-7377
Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module
The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Produtos afetados
Rapid7 · Metasploit FrameworkQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →