CVE-2025-15616

🗓️ 27 Mar 2026 16:38:20Reported by VulnCheckType

CVE-2025-15616: Wazuh before 4.8.0 has shell injection and untrusted search path flaws enabling remote code execution.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2025-15616	27 Mar 202616:38	–	attackerkb
CNNVD	Wazuh 代码注入漏洞	27 Mar 202600:00	–	cnnvd
Cvelist	CVE-2025-15616 Wazuh Agent and Manager OS Command Injection and Untrusted Search Path	27 Mar 202616:38	–	cvelist
EUVD	EUVD-2025-209103	27 Mar 202618:31	–	euvd
NVD	CVE-2025-15616	27 Mar 202617:16	–	nvd
Positive Technologies	PT-2026-28279	27 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-15616	28 Mar 202616:59	–	redhatcve
Vulnrichment	CVE-2025-15616 Wazuh Agent and Manager OS Command Injection and Untrusted Search Path	27 Mar 202616:38	–	vulnrichment

NVD

Vulners

Node

wazuh wazuhRange2.1.0–4.8.0

[
  {
    "vendor": "Wazuh",
    "product": "wazuh-agent",
    "packageName": "wazuh-agent",
    "versions": [
      {
        "version": "2.1.0",
        "lessThan": "4.8.0",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Wazuh",
    "product": "wazuh-manager",
    "packageName": "wazuh-manager",
    "versions": [
      {
        "version": "2.1.0",
        "lessThan": "4.8.0",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
github	www.github.com/wazuh/wazuh/security/advisories/GHSA-522v-p59v-58gm
vulncheck	www.vulncheck.com/advisories/multiple-vulnerabilities-related-to-shell-injection-and-path-traversal-flaws

31 Mar 2026 18:25Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.7 - 7.2

CVSS 47.1

EPSS0.00194

SSVC

CWE-94