CVEs-PoC/2017/CVE-2017-7500.md

### [CVE-2017-7500](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7500)
![](https://img.shields.io/static/v1?label=Product&message=rpm&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.13.0.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.14.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59&color=brightgreen)

### Description

It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon