In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref https://github.com/wazuh/wazuh/issues/10858
Wazuh – Active response tools allow arbitrary code execution
- Post author:System
- Post published:2 December 2021
- Post category:Blog & News