3 matches found
CVE-2023-2273
CVE-2023-2273 affects Rapid7 Insight Agent (token handler) versions ≤ 3.2.6. The issue is a Directory Traversal where an unsanitized CLI argument flows into io.ioutil.WriteFile and is used as a path, enabling an attacker to write arbitrary files. Remediation: upgrade to version 3.3.0, which adds ...
CVE-2023-2273 Rapid7 Insight Agent Directory Traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...
CVE-2023-2273 Rapid7 Insight Agent Directory Traversal
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...