Remote code execution

2021-11-2207:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.

CPENameOperatorVersion
wazuhge4.2.0
wazuhlt4.2.5

CPE	Name	Operator	Version
	wazuh	ge	4.2.0
	wazuh	lt	4.2.5

References

github.com/wazuh/wazuh/issues/10858

github.com/wazuh/wazuh/pull/10809