PRIOn knowledge base: PRION:CVE-2023-2273
History: Apr 26, 2023 - 9:15 a.m.

Path traversal

2023-04-26 09:15:00
PRIOn knowledge base
www.prio-n.com
rapid7 insight agent
path traversal
directory traversal
vulnerability
version 3.2.6
input sanitization
writefile
path
attacker
arbitrary files
remediated
version 3.3.0

AI Score: 7.4 High (Confidence: High)

EPSS: 0.001 Low (Percentile: 20.4%)

Rapid7 Insight Agent token handler versions 3.2.6 and below suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write arbitrary files. This issue is remediated in version 3.3.0 via safeguards that reject inputs that attempt path traversal.
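An added illustration of the flaw class described above and one way to reject traversal before the write; it is not Rapid7's code and not the 3.3.0 fix itself. It is written in Go on the assumption that the `io.ioutil.WriteFile` named above is Go's `io/ioutil.WriteFile`; `unsafePath`, `safePath`, `writeToken` and the sample arguments are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var ErrTraversal = errors.New("path escapes base directory") // returned on rejection

// unsafePath mirrors the flaw class: the CLI argument is used as a path as-is.
func unsafePath(baseDir, arg string) string {
	return filepath.Join(baseDir, arg) // "../" segments walk out of baseDir
}

// safePath (hypothetical guard) rejects absolute paths and anything that
// resolves outside baseDir after cleaning.
func safePath(baseDir, arg string) (string, error) {
	if arg == "" || filepath.IsAbs(arg) {
		return "", ErrTraversal
	}
	base, err := filepath.Abs(baseDir)
	if err != nil {
		return "", err
	}
	target := filepath.Join(base, arg) // Join also cleans the result
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return target, nil
}

// writeToken writes data only if name stays inside baseDir.
func writeToken(baseDir, name string, data []byte) error {
	p, err := safePath(baseDir, name)
	if err != nil {
		return err
	}
	return os.WriteFile(p, data, 0o600)
}

func main() {
	for _, arg := range []string{"token.json", "../../outside.txt", "a/../../b"} { // constructed inputs
		_, err := safePath(os.TempDir(), arg)
		fmt.Printf("%-22q unsafe=%s safe-err=%v\n", arg, unsafePath(os.TempDir(), arg), err)
	}
}
```

The check is lexical only: it does not resolve symlinks that already exist inside the base directory.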

CPE Name | Operator | Version
insight_agent | lt | 3.3.0

