69 matches found
EUVD-2023-33779
Malicious code in bioql PyPI...
EUVD-2021-33921
Malicious code in bioql PyPI...
New! Insight Agent Support for ARM-based Windows in InsightVM
We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...
CVE-2024-3185 Rapid7 Insight Agent Sensitive Key Exposed To Local Users
A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high privileges. This wa...
Rapid7 Insight Agent 安全漏洞
Rapid7 Insight Agent is a lightweight software from Rapid7 USA. The software is capable of collecting data from IT assets. Rapid7 Insight Agent has a security vulnerability that stems from the use of a key that does not follow the principle of least privilege by default, allowing a local attacker...
Alerting Rules!: InsightIDR Raises the Bar for Visibility and Coverage
By George Schneider, Information Security Manager at Listrak I've worked in cybersecurity for over two decades, so I've seen plenty of platforms come and go—some even crash and burn. But Rapid7, specifically InsightIDR, has consistently performed above expectations. In fact, InsightIDR has become...
CVE-2023-2273
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
Path traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
CVE-2023-2273
CVE-2023-2273 affects Rapid7 Insight Agent (token handler) versions ≤ 3.2.6. The issue is a Directory Traversal where an unsanitized CLI argument flows into io.ioutil.WriteFile and is used as a path, enabling an attacker to write arbitrary files. Remediation: upgrade to version 3.3.0, which adds ...
CVE-2023-2273 Rapid7 Insight Agent Directory Traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
CVE-2023-2273 Rapid7 Insight Agent Directory Traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
Rapid7 Insight Agent 路径遍历漏洞
Rapid7 Insight Agent is a lightweight software from Rapid7 USA. The software is capable of collecting data from IT assets. A security vulnerability exists in Rapid7 Insight Agent version 3.2.6 and earlier versions. An attacker exploiting this vulnerability can write to arbitrary files...
PT-2023-18671 · Rapid7 · Rapid7 Insight Agent
Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Agent versions 3.2.6 and below Description: The issue is related to a Directory Traversal vulnerability. Unsantized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path, potentially allowing an...
AWS Graviton Processor Support on Insight Agent
By Marco Botros Marco is a Technical Product Manager for Platform at Rapid7. We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor, including Amazon Linux, Redhat, and Ubuntu...
Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)
As stated in our OpenSSL Buffer Overflow blog post, the CVE-2022-3786 & CVE-2022-3602 vulnerabilities affecting OpenSSL’s 3.0.x versions both rely on a maliciously crafted email address in a certificate. CVE-2022-3786 can overflow an arbitrary number of bytes on the stack with the “.” character a...
Rapid7 Insight Agent has an unspecified vulnerability
Rapid7 Insight Agent is a lightweight software from Rapid7, Inc. The software is capable of collecting data from IT assets.A security vulnerability exists in Rapid7 Insight Agent version 3.1.2.38 and prior versions, which stems from the fact that Rapid7 Insight Agent version 3.1.2.38 and prior...
CVE-2022-0237
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the iragent.exe component, resulting in elevated rights and persistent access to t...
CVE-2022-0237
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the iragent.exe component, resulting in elevated rights and persistent access to t...
Privilege escalation
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the iragent.exe component, resulting in elevated rights and persistent access to t...
CVE-2022-0237
Rapid7 Insight Agent versions 3.1.2.38 and earlier are affected by a privilege-escalation flaw in ir_agent.exe caused by an unquoted runas.exe argument. This allows an attacker with local access to hijack execution flow and gain elevated, persistent access on the machine. The issue has been fixed...