Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.
References
| Link | Resource |
|---|---|
| https://extensions.rapid7.com/extension/sed | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
27 Jun 2026, 19:25
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://extensions.rapid7.com/extension/sed - Vendor Advisory | |
| First Time |
Gnu
Linux linux Kernel Gnu sed Linux |
|
| CPE | cpe:2.3:a:gnu:sed:4.2.2:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
25 Jun 2026, 01:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 01:16
Updated : 2026-06-27 19:25
NVD link : CVE-2026-9154
Mitre link : CVE-2026-9154
CVE.ORG link : CVE-2026-9154
JSON object : View
Products Affected
gnu
- sed
linux
- linux_kernel
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
