Description
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.
Published: 2026-06-25
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Sed plugin in Rapid7 InsightConnect on Linux contains an input‑validation flaw: the expression parameter accepts arbitrary file paths, so an authenticated user can read any file on the host that the plugin process can access. The flaw is classified under CWE‑200 (Information Exposure) and CWE‑22 (Path Traversal). The result is that confidential files, including configuration and credential files, can be exposed to an attacker who has access to the plugin.

Affected Systems

Rapid7 InsightConnect Sed Plugin for Linux is impacted. No specific version numbers are listed; any installation that includes the Sed plugin is potentially vulnerable.

Risk and Exploitability

The CVSS score of 6.5 corresponds to medium severity. EPSS data is unavailable, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be authenticated use of the Sed plugin; the description explicitly states that “authenticated attackers” can exploit the flaw, which is consistent with the published CVSS vector (network‑reachable, low privileges required, high confidentiality impact). Once authenticated, the attacker can read arbitrary files, but no remote code execution or denial of service is reported.

Generated by OpenCVE AI on June 25, 2026 at 01:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Rapid7 InsightConnect Sed Plugin update that addresses the arbitrary file read issue.
  • If a patch is not yet available, disable or restrict the Sed plugin to trusted administrators or remove it from the deployment.
  • Configure file‑system permissions to limit the plugin’s directory access to its own runtime directory only, mitigating path‑traversal attempts.
  • Enable detailed logging of all Sed plugin file read operations and monitor for suspicious activity.



Advisories

No advisories yet.

History

Thu, 25 Jun 2026 00:45:00 +0000

Type: Description
  Values Removed: (empty)
  Values Added: Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.

Type: Title
  Values Removed: (empty)
  Values Added: Arbitrary File Read in Rapid7 InsightConnect Sed Plugin

Type: Weaknesses
  Values Removed: (empty)
  Values Added: CWE-200, CWE-22

Type: References
  Values Removed: (empty)
  Values Added: (empty)

Type: Metrics
  Values Removed: (empty)
  Values Added: cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: rapid7

Published:

Updated: 2026-06-25T00:33:02.961Z

Reserved: 2026-05-21T01:03:52.110Z

Link: CVE-2026-9153

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T02:00:05Z

Weaknesses
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')