Skip to main content

Insightconnect Tcpdump Plugin

1 CVEs product

Monthly

CVE-2026-8658 HIGH PATCH This Week

OS command injection in Rapid7's InsightConnect Tcpdump Plugin (versions before 2.0.0) on Linux lets an authenticated attacker run arbitrary operating-system commands by injecting shell metacharacters into the 'options' or 'filter' parameters, which are unsafely concatenated into a tcpdump shell invocation. An attacker holding low-privileged access to a SOAR workflow that uses this plugin can fully compromise the orchestrator host (high confidentiality, integrity, and availability impact). There is no public exploit identified at time of analysis and the issue is not on the CISA KEV list; EPSS is modest at 0.73%.

Command Injection Insightconnect Tcpdump Plugin
NVD VulDB
CVSS 3.1
8.8
EPSS
0.7%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

OS command injection in Rapid7's InsightConnect Tcpdump Plugin (versions before 2.0.0) on Linux lets an authenticated attacker run arbitrary operating-system commands by injecting shell metacharacters into the 'options' or 'filter' parameters, which are unsafely concatenated into a tcpdump shell invocation. An attacker holding low-privileged access to a SOAR workflow that uses this plugin can fully compromise the orchestrator host (high confidentiality, integrity, and availability impact). There is no public exploit identified at time of analysis and the issue is not on the CISA KEV list; EPSS is modest at 0.73%.

Command Injection Insightconnect Tcpdump Plugin
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy