GHSA-5854-xw4j-hrh6HighCVSS 7.7

OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute...

Published
June 25, 2026
Last Modified
June 25, 2026

🔗 CVE IDs covered (1)

📋 Description

OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters due to insufficient input validation when constructing shell commands.

🔗 References (3)