VYPR
Unrated severityNVD Advisory· Published Sep 3, 2020· Updated Aug 4, 2024

Unquoted Path in Rapid7 Nexpose Installer

CVE-2020-7382

Description

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.

Affected products

2
  • Rapid7/Nexposellm-fuzzy2 versions
    <6.6.40+ 1 more
    • (no CPE)range: <6.6.40
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.