High severity8.1NVD Advisory· Published Aug 24, 2020· Updated Jun 17, 2026
CVE-2020-7377
CVE-2020-7377
Description
The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: 4.12.40
Patches
Vulnerability mechanics
References
1- github.com/rapid7/metasploit-framework/issues/14015nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.