CVE-2017-5228

HIGH Year: 2017
CVSS v3 Score
7.1
High
CVSS v2 Score
5.1
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance.

Related Vulnerabilities

CVE-2016-10330

HIGH
CVSS:7.1(High)

Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.

CWE-222016

CVE-2016-6896

HIGH
CVSS:7.1(High)

Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read ...

CWE-222016

CVE-2017-15309

HIGH
CVSS:7.1(High)

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious fi...

CWE-222017

CVE-2017-2706

HIGH
CVSS:7.1(High)

Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are t...

CWE-222017

CVE-2017-5229

HIGH
CVSS:7.1(High)

All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted...

CWE-222017

CVE-2017-5231

HIGH
CVSS:7.1(High)

All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a special...

CWE-222017