CVE-2020-7381
MEDIUMRapid7 Nexpose < 6.6.40 - Unauthenticated Code Execution via Executable Spoofing
Title source: llmDescription
In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Security Console installation and any arbitrary code executable using the same file name.
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://help.rapid7.com/insightvm/en-us/release-notes/index.html?pid=6.6.40
Scores
CVSS v3
5.8
EPSS
0.0068
EPSS Percentile
47.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
Details
CWE
CWE-94
Status
published
Products (1)
rapid7/nexpose
< 6.6.40
Published
Sep 03, 2020
Tracked Since
Feb 18, 2026