VYPR

Insight Agent

by Rapid7

CVEs (9)

  • CVE-2026-6482 | High | Apr 17, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    The Rapid7 Insight Agent (versions > 4.1.0.2) is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that…

  • CVE-2024-3185 | Medium | Apr 23, 2024
    risk 0.44 | cvss 6.8 | epss 0.00

    A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high…

  • CVE-2026-4837 | Medium | Apr 8, 2026
    risk 0.43 | cvss 6.6 | epss 0.00

    An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS (mTLS) to verify commands from the…

  • CVE-2026-4482 | Medium | Apr 10, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent…

  • CVE-2023-2273 | Apr 26, 2023
    risk 0.00 | cvss | epss 0.01

    Rapid7 Insight Agent token handler versions 3.2.6 and below suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an…

  • CVE-2022-0237 | Mar 17, 2022
    risk 0.00 | cvss | epss 0.00

    Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and…

  • CVE-2021-4016 | Jan 21, 2022
    risk 0.00 | cvss | epss 0.00

    Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby the user has access to the snapshot directory. An attacker can access, read and copy any of the files in this directory, e.g. asset_info.json or file_info.json, leading to…

  • CVE-2021-4007 | Dec 14, 2021
    risk 0.00 | cvss | epss 0.00

    Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll,"…

  • CVE-2019-5629 | Jul 13, 2019
    risk 0.00 | cvss | epss 0.01

    Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally…