Vulnerability CVE-2020-7384


Published: 2020-10-29   Modified: 2020-11-01

Description:
Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Metasploit Framework 6.0.11 Command Injection
Justin Steven
30.01.2021

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://github.com/rapid7/metasploit-framework/pull/14288

Copyright 2024, cxsecurity.com

 

Back to Top