Main Vulnerability Database Vulnerabilities #VU27308

OS Command Injection in Metasploit - CVE-2020-7350

Published: April 24, 2020 / Updated: April 27, 2020

Vulnerability identifier: #VU27308

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2020-7350

CWE-ID: CWE-78

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vendor: Rapid7

Affected software:
Metasploit

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name on the operator's terminal. A remote unauthenticated attacker can use a specially-crafted hostname or service name and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2020-7350

Install updates from vendor's website.

Sources

https://github.com/rapid7/metasploit-framework/issues/13026

OS Command Injection in Metasploit - CVE-2020-7350

Detailed vulnerability description

How to mitigate CVE-2020-7350

Sources

Please verify you're human