CVE-2018-1000161

Published: 4/18/2018 Last updated: 8/5/2024 Reserved: 3/27/2018

nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-nmap nbd-tool

Products affected (1)

Product	Vendor	Version
n/a	n/a	< publication

References (2)

https://nmap.org/changelog.html
https://nmap.org/changelog.html