CVE 6 MEDIUM

OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin_CVE-2026-8658

June 24, 2026 invoker category_cve
6 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

Description

OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction.

Basic Information

ID CVE-2026-8658
Source rapid7
Published Jun 25, 2026 at 01:56

Affected Product

Vendor Rapid7
Product InsightConnect Tcpdump Plugin
Affected Versions Rapid7 InsightConnect Tcpdump Plugin 0

CWE Classification

CWE-78

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.