CVE-2020-7385: Metasploit Framework user exposes Metasploit to same deserialization issue that is exploited by that module

CVSS Score (v3.1): 8.1

Basic Information

EPSS Score: 0.67948%
Published: 5/24/2022
Updated: 5/5/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Package Name: metasploit-framework
Ecosystem: rubygems
Vulnerable Versions: < 4.19.0
First Patched Version: 4.19.0

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from the drb_remote_codeexec module's use of DRb.start_service, which creates an insecure DRb server. GitHub PR #14300 explicitly removed this service initialization (commit 49145bf) to mitigate the risk. CWE-502 (Deserialization of Untrusted Data) aligns with DRb's known insecure deserialization behavior. The module's removal in PR #14335 further confirms the inherent vulnerability in its DRb implementation.

By launching the drb_remote_codeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance on the vulnerable Distributed Ruby class functions.
