8 matches found
Chaosblade < 1.7.4 - Remote Code Execution
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication. id: CVE-2023-47105 info: name: Chaosblade 1.7.4 - Remote Code Execution author: s4e-io severity: high description: | exec.CommandContext in...
GO-2024-3133 Chaosblade vulnerable to OS command execution in github.com/chaosblade-io/chaosblade
Chaosblade vulnerable to OS command execution in github.com/chaosblade-io/chaosblade...
Chaosblade vulnerable to OS command execution
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
GHSA-723H-X37G-F8QM Chaosblade vulnerable to OS command execution
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
CVE-2023-47105
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
CVE-2023-47105
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
CVE-2023-47105
Chaosblade (github.com/chaosblade-io/chaosblade) versions 0.3–1.7.3 are vulnerable when running in server mode: unauthenticated command execution is possible via the cmd parameter in exec.CommandContext. The flaw allows remote command execution against the Chaosblade HTTP service with server mode...
Chaosblade 安全漏洞
Chaosblade is an open source experimental injection tool from ChaosBlade Open Source. A security vulnerability exists in Chaosblade versions 0.3 through 1.7.3, which stems from allowing the execution of operating system commands via the cmd parameter without authentication when using server mode...