CVE-2020-7377

The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP server.
References
Link Resource
https://github.com/rapid7/metasploit-framework/issues/14015 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:*

Information

Published : 2020-08-24 07:15

Updated : 2020-09-01 07:06


NVD link : CVE-2020-7377

Mitre link : CVE-2020-7377

Products Affected
CWE