CVE-2019-5630

MEDIUM

Rapid7 Nexpose 6.5.0-6.5.68 - Cross-Site Request Forgery via Flash Pre-Flight Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-5630, a PoC published by rbeede.

AI-analyzed exploit summary: This PoC is a Python HTTP server that exploits CVE-2019-5630, a CSRF vulnerability in Rapid7 InsightVM. It serves a malicious SWF file and redirects POST requests to the vulnerable API endpoint to manipulate user data.

Description

A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. It allows an attacker to perform CSRF against API endpoints by using Flash to bypass the cross-domain pre-flight OPTIONS request that would otherwise block the cross-origin call.

Exploits (1)

nomisec: WORKING POC
by rbeede · poc
https://github.com/rbeede/CVE-2019-5630

Classification: Working PoC (90% confidence)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Rapid7 InsightVM (version not specified)
Authentication: No auth needed
Prerequisites: Victim must visit attacker-controlled server · Victim must have an active session in Rapid7 InsightVM
Analyzed by devstral-2 on Feb 16, 2026

References (1)

Core References (1)
Release Notes, Vendor Advisory (x_refsource_confirm): https://help.rapid7.com/nexpose/en-us/release-notes#6.5.69

Scores

CVSS v3: 5.9 (MEDIUM)
EPSS: 0.0110
EPSS Percentile: 78.3%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

Details

CWE: CWE-352
Status: published
Products (1): rapid7/nexpose 6.5.0 - 6.5.68
Published: Jul 03, 2019
Tracked Since: Feb 18, 2026