3 matches found
CVE-2021-32829
creationtimestamp| type| source ---|---|--- 2021-08-17 20:15:56+00:00| seen| https://t.me/cibsecurity/27438...
CVE-2021-32829
ZStack REST API is affected by a post-authentication Remote Code Execution (RCE) vulnerability via bypass of the Groovy sandbox. The GET zstack/v1/batch-queries?script endpoint processes a Groovy script through APIBatchQueryMsg.script, evaluated in BatchQuery.query, with sandboxing applied by San...
CVE-2021-32829 Post-authentication Remote Code Execution (RCE) in ZStack REST API
ZStack is open source IaaSinfrastructure as a service software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution RCE via bypass of the Groovy shell...