Skip to main content

InsightConnect Compression Plugin CVE-2026-8662

| EUVDEUVD-2026-39162 MEDIUM
Path Traversal (CWE-22)
2026-06-25 rapid7 GHSA-x3f7-qmw7-g6pj
4.3
CVSS 3.1 · NVD
Share

Severity by source

Vendor (rapid7) PRIMARY
LOW
qualitative
NVD
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
vuln.today AI
3.3 LOW

PR:H confirmed by authenticated-attacker requirement; AC:H for crafted-input constraint; no confidentiality loss per description; I:L and A:L for file corruption only.

3.1 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
4.0 AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (rapid7).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

5
Severity Changed
Jun 29, 2026 - 19:37 NVD
LOW MEDIUM
CVSS changed
Jun 29, 2026 - 19:37 NVD
3.3 (LOW) 4.3 (MEDIUM)
Patch available
Jun 25, 2026 - 04:16 EUVD
Analysis Generated
Jun 25, 2026 - 03:20 vuln.today
CVE Published
Jun 25, 2026 - 01:51 cve.org
LOW 3.3

DescriptionNVD

Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker.

AnalysisAI

Path traversal in Rapid7 InsightConnect's Compression Plugin on Linux allows authenticated attackers with high privileges to write files to arbitrary paths on the underlying host via crafted archive filenames passed to the create_archive function. Impact is constrained to file corruption - the attacker can control write destination but not write content, preventing code execution via this vector alone. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to InsightConnect with high-privilege account
Delivery
Craft archive filename with path traversal sequences
Exploit
Invoke create_archive via workflow or API
Execution
Plugin writes archive entry to traversed filesystem path
Impact
Target file corrupted or overwritten on Linux host

Vulnerability AssessmentAI

Exploitation Exploitation requires: (1) a valid InsightConnect account with high-level privileges sufficient to create or trigger automation workflows (PR:H per CVSS vector); (2) access to a workflow or direct API call that invokes the Compression Plugin's create_archive function with attacker-controlled filename input; (3) the target system running Linux (the vulnerability is explicitly scoped to Linux). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is low. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated InsightConnect operator with high-privilege workflow permissions constructs a workflow that calls the Compression Plugin's create_archive function with a crafted filename containing path traversal sequences (e.g., '../../etc/cron.d/job'). Upon archive creation, the plugin writes the archive entry to the traversed path on the Linux host filesystem, corrupting or replacing an existing file. …
Remediation The primary remediation is to upgrade to a patched version of the Rapid7 InsightConnect Compression Plugin per the vendor advisory at https://extensions.rapid7.com/extension/compression. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-8662 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy