Rapid7 Metasploit Framework vulnerabilities
6 known vulnerabilities affecting rapid7/metasploit_framework.
Total CVEs: 6
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 5
Vulnerabilities
CVE-2019-5645 | P2 | HIGH | CVSS 7.5 | CWE-400 | PoC | ≥ 5.0.27, ≤ 5.0.27 | 2020-09-01
By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. When evaluated, this malicious handler can either prevent new HTTP handler sessions from being established, or cause a resource exhaustion on the Metasploit server.
nvd
CVE-2020-7350 | P3 | HIGH | CVSS 7.8 | CWE-78 | PoC | ≥ 5.0.85, < 5.0.85 | 2020-04-22
Rapid7 Metasploit Framework versions before 5.0.85 suffer from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to be imported by Metasploit from a variety of sources and trig
nvd
CVE-2020-7376 | P3 | CRITICAL | CVSS 9.8 | CWE-23 | ≥ 4.11.7, < 4.11.7*; ≥ 6.0.3, < 6.0.3 | 2020-08-24
The Metasploit Framework module "post/osx/gather/enum_osx" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
nvd
CVE-2020-7385 | P3 | HIGH | CVSS 8.8 | CWE-502 | ≥ 6.0.15, ≤ 6.0.15 | 2021-04-23
By launching the drb_remote_codeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance on the vulnerable Distributed Ruby class functions. Since Metasploit Framework typically runs with elevated privileges, this can lead to a system compromise
nvd
CVE-2019-5624 | P3 | HIGH | CVSS 7.3 | CWE-22 | ≥ 4.14.0, ≤ 4.14.0 | 2019-04-30
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapi
nvd
CVE-2020-7377 | P3 | HIGH | CVSS 7.5 | CWE-23 | ≥ 4.12.40, < 4.12.40*; ≥ 6.0.3, < 6.0.3 | 2020-08-24
The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP server.
nvd