Vulnerabilities > Rapid7 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-26 | CVE-2023-2273 | Path Traversal vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. | 7.5 |
| 2023-03-21 | CVE-2023-1304 | Code Injection vulnerability in Rapid7 Insightappsec and Insightcloudsec An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. | 8.8 |
| 2023-03-21 | CVE-2023-1305 | Unspecified vulnerability in Rapid7 Insightappsec and Insightcloudsec An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. | 8.1 |
| 2023-03-21 | CVE-2023-1306 | Code Injection vulnerability in Rapid7 Insightappsec and Insightcloudsec An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. | 8.8 |
| 2023-01-18 | CVE-2023-0242 | Missing Authorization vulnerability in Rapid7 Velociraptor Rapid7 Velociraptor allows users to be created with different privileges on the server. | 8.8 |
| 2023-01-12 | CVE-2017-5242 | Use of Insufficiently Random Values vulnerability in Rapid7 Insightvm Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. | 7.7 |
| 2022-03-17 | CVE-2022-0237 | Unquoted Search Path or Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. | 7.8 |
| 2022-03-17 | CVE-2022-0757 | SQL Injection vulnerability in Rapid7 Nexpose Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. | 8.8 |
| 2021-12-14 | CVE-2021-4007 | Uncontrolled Search Path Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. | 7.8 |
| 2021-04-23 | CVE-2020-7385 | Deserialization of Untrusted Data vulnerability in Rapid7 Metasploit By launching the drb_remote_codeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance on the vulnerable Distributed Ruby class functions. | 8.8 |