Land #14034, telpho10_credential_dump: Prevent traversal in untar

rapid7 · Aug 25, 2020 · 9bd687e · 9bd687e
2 parents 84c9e95 + 37a0675
commit 9bd687e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/auxiliary/admin/http/telpho10_credential_dump.rb b/modules/auxiliary/admin/http/telpho10_credential_dump.rb
@@ -37,7 +37,7 @@ def untar(tarfile)
     File.open(tarfile, 'rb') do |file|
       Rex::Tar::Reader.new(file) do |tar|
         tar.each do |entry|
-          dest = File.join destination, entry.full_name
+          dest = File.join(destination, File.basename(entry.full_name))
           if entry.file?
             File.open(dest, 'wb') do |f|
               f.write(entry.read)