Security Advisory

CVE-2017-5229

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-03-02 20:00:00

Last updated 2024-08-05 14:55:35

Assigner rapid7

State PUBLISHED

Description

All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance.

← Browse all CVEs View on cve.org ↗