CVE-2026-8658
MediumCVSS 6.0Exploitation Probability (EPSS)
Low risk50th percentile — higher than 50% of all known CVEs
Summary
The Tcpdump plugin for Rapid7 InsightConnect on Linux is vulnerable to OS command injection. An authenticated attacker can execute arbitrary commands via the options or filter parameters due to insufficient input sanitization.
Risk Assessment
The risk involves potential server compromise by an authenticated attacker, leading to data theft, configuration changes, or further attacks on the infrastructure.
Recommendation
Immediately update the Tcpdump plugin to the latest version from the vendor and implement input validation for the options and filter parameters.
Original NVD description (English source)
OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction.

