CVE-2025-15616
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
CVE-2025-15616
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 are affected by multiple shell injection and untrusted search path vulnerabilities. Attackers can achieve remote code execution by injecting commands via logcollector configuration, maild SMTP server tags, and Kaspersky AR script par...
CVE-2025-15616 Wazuh Agent and Manager OS Command Injection and Untrusted Search Path
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR...
EUVD-2025-198509
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leadin...
CVE-2025-30201 Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leadin...
CVE-2025-30201
CVE-2025-30201 affects Wazuh Agent prior to version 4.13.0. The vulnerability allows authenticated attackers to force NTLM authentication through crafted UNC paths in various agent configuration settings, enabling NTLM relay attacks that could lead to privilege escalation and remote code executio...
EUVD-2024-17008
Malicious code in bioql PyPI...
EUVD-2024-35565
Malicious code in bioql PyPI...
CVE-2024-1243
Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...
CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft
Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...
PT-2025-25177 · Wazuh · Wazuh Agent For Windows
Name of the Vulnerable Software and Affected Versions: Wazuh agent for Windows versions prior to 4.8.0
Description: The issue is caused by improper input validation in the Wazuh agent for Windows, allowing an attacker with control over the Wazuh server or agent key to configure the agent to conne...
A vulnerability in the Wazuh intrusion detection and prevention agent, related to access control errors, allows attackers to escalate their privileges.
A vulnerability in the Wazuh intrusion detection and prevention agent is related to access control errors. Exploiting this vulnerability can allow attackers to escalate their privileges by placing a specially crafted DLL file in the directory where the software is installed...
GO-2025-3444 Improper Access Control in wazuh-agent in github.com/wazuh/wazuh
Improper Access Control in wazuh-agent in github.com/wazuh/wazuh...
CVE-2024-35177 Improper Access Control in wazuh-agent
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
CVE-2024-35177
CVE-2024-35177 affects the wazuh-agent for Windows, where an improper ACL on the non-default installation directory enables Local Privilege Escalation. A low-privileged user could drop a malicious DLL in the agent’s installation folder or replace the service executable, exploiting DLL search/load...