First published: Wed Apr 22 2020(Updated: )
Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to be imported by Metasploit from a variety of sources and trigger a command injection on the operator's terminal. Note, only the Metasploit Framework and products that expose the plugin system is susceptible to this issue -- notably, this does not include Rapid7 Metasploit Pro. Also note, this vulnerability cannot be triggered through a normal scan operation -- the attacker would have to supply a file that is processed with the db_import command.
Credit: cve@rapid7.con
Affected Software | Affected Version | How to fix |
---|---|---|
Rapid7 Metasploit | <5.0.85 |
This issue is resolved in Metasploit Pro version 5.0.85
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-7350.
The title of the vulnerability is 'Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection'.
The severity of CVE-2020-7350 is high, with a severity value of 7.8.
Rapid7 Metasploit Framework versions before 5.0.85 are affected by CVE-2020-7350.
To fix CVE-2020-7350, update your Rapid7 Metasploit Framework to version 5.0.85 or later.