Wazuh - Active response tools allow arbitrary code execution

Call us anytime

+84949482065

Wazuh – Active response tools allow arbitrary code execution

Post author:System
Post published:2 December 2021
Post category:Blog & News

In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref https://github.com/wazuh/wazuh/issues/10858

Tags: Wazuh - Active response tools allow arbitrary code execution

vShieldz Technologies Ltd

+84949482065

Call us anytime

Wazuh – Active response tools allow arbitrary code execution

links

recent post

Call us anytime

You Might Also Like

SMS Routing Company Syniverse Discloses Breach in SEC Filing

Format String Vulnerability in F5 BIG-IP

Cisco CX Cloud Agent Privilege Escalation Vulnerabilities

links

recent post