You are currently viewing Wazuh – Active response tools allow arbitrary code execution

Wazuh – Active response tools allow arbitrary code execution

In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref  https://github.com/wazuh/wazuh/issues/10858