CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 3CVE-2019-5624 – Rapid7 Metasploit Framework Zip Import Directory Traversal
https://notcve.org/view.php?id=CVE-2019-5624
30 Apr 2019 — Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions. Rapid7 Metasploit Framework padece de una situación de CWE-22, limitación inapropiada de un Pathn... • https://github.com/VoidSec/CVE-2019-5624 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15084 – Metasploit Web UI < 4.14.1-20170828 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-15084
06 Oct 2017 — The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22. La interfaz web de usuario en Rapid7 Metasploit en versiones anteriores a la 4.14.1-20170828 permite el CSRF al cerrar sesión. Esto también se conoce como R7-2017-22. • https://packetstorm.news/files/id/144528 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5244
https://notcve.org/view.php?id=CVE-2017-5244
15 Jun 2017 — Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have been allowed, as the stop/stop_all routes change the state of the service. This could have allowed an attacker to stop currently-running Metasploit tasks by getting an authenticated user to execute JavaScript. As of Metasploit 4.14.0 (Update 2017061301), the routes for stopping tasks only allow POST requests, which validate the presence of a secret token to prevent CSRF att... • http://www.securityfocus.com/bid/99082 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5235
https://notcve.org/view.php?id=CVE-2017-5235
02 Mar 2017 — Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. Instaladores de Rapid7 Metasploit Pro anteriores a la versión 4.13.0-2017022101 contienen una vulnerabilidad de precarga de DLL, donde es posible que el instalador cargue una DLL maliciosa ubicada en el directorio de trabajo actual del instalador. • http://www.securityfocus.com/bid/96548 • CWE-426: Untrusted Search Path •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5231
https://notcve.org/view.php?id=CVE-2017-5231
02 Mar 2017 — All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. Todas las ediciones de Rapid7 Metasploit anteriores a la versión 4.13.0-2017020701 contienen una vulnerabilidad de salto de directorio en la funci... • http://www.securityfocus.com/bid/96954 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5229
https://notcve.org/view.php?id=CVE-2017-5229
02 Mar 2017 — All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. Todas las ediciones de Rapid7 Metasploit anteriores a la versión 4.13.0-2017020701 contienen una vulnerabilidad de salto de directorio en la función Meterpr... • http://www.securityfocus.com/bid/96954 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5228
https://notcve.org/view.php?id=CVE-2017-5228
02 Mar 2017 — All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. Todas las ediciones de Rapid7 Metasploit anteriores a la versión 4.13.0-2017020701 contienen una vulnerabilidad de salto de directorio en la función Meterpreter std... • http://www.securityfocus.com/bid/96954 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •