A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)
CVE-2019-5624 A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE) Intro In February 2019 I found a new vulnerability in the Rubyzip library It allows an attacker to exploit insecure ZIP handling (Zip Slip) resulting in remote command execution This vulnerability was leveraged to targets all Metasploit versions < 50