2 matches found
CVE-2023-50260
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
The vulnerability of the host_deny script in the Wazuh intrusion detection and prevention system allows a perpetrator to escalate their privileges and execute arbitrary commands.
The vulnerability of the hostdeny script in the Wazuh intrusion detection and prevention system is related to the lack of IP address checking for blocking incoming connections due to incorrect code generation. Exploiting this vulnerability allows a remote attacker to enhance their privileges and...