CVE Catalog

CVE-2026-8658

MediumCVSS 6.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.73%

50th percentile — higher than 50% of all known CVEs

Summary

The Tcpdump plugin for Rapid7 InsightConnect on Linux is vulnerable to OS command injection. An authenticated attacker can execute arbitrary commands via the options or filter parameters due to insufficient input sanitization.

Risk Assessment

The risk involves potential server compromise by an authenticated attacker, leading to data theft, configuration changes, or further attacks on the infrastructure.

Recommendation

Immediately update the Tcpdump plugin to the latest version from the vendor and implement input validation for the options and filter parameters.

Original NVD description (English source)

OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS