Unrated severityNVD Advisory· Published Sep 3, 2020· Updated Aug 4, 2024
Unquoted Path in Rapid7 Nexpose Installer
CVE-2020-7382
Description
Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.
Affected products
2Patches
Vulnerability mechanics
References
1- help.rapid7.com/insightvm/en-us/release-notes/index.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.