Unrated severityNVD Advisory· Published Sep 3, 2020· Updated Aug 4, 2024

Unquoted Path in Rapid7 Nexpose Installer

CVE-2020-7382

Description

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.

Affected products

Rapid7/Nexposev5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

help.rapid7.com/insightvm/en-us/release-notes/index.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000