N/A

Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have been allowed, as the stop/stop_all routes change the state of the service. This could have allowed an attacker to stop currently-running Metasploit tasks by getting an authenticated user to execute JavaScript. As of Metasploit 4.14.0 (Update 2017061301), the routes for stopping tasks only allow POST requests, which validate the presence of a secret token to prevent CSRF attacks.

N/A

跨站请求伪造(CSRF)

Rapid7 Metasploit Express、Community和Pro 跨站请求伪造漏洞

Rapid7 Metasploit是美国Rapid7公司的一款开源的安全漏洞检测工具。Metasploit Express、Community和Pro分别是不同的版本。 Rapid7 Metasploit 中存在跨站请求伪造漏洞，该漏洞源于程序没有充分的执行跨站请求保护。远程攻击者可通过诱使已认证的用户执行JavaScript利用该漏洞停止正在运行的Metasploit任务。以下版本受到影响：Metasploit Express 4.14.0之前的版本；Metasploit Community 4.14.

N/A

N/A