2 matches found
Hoverfly <= 1.11.3 - Remote Code Execution
Hoverfly versions 1.11.3 and below are vulnerable to remote code execution RCE via command injection in the middleware API endpoint /api/v2/hoverfly/middleware. Insufficient validation of the 'binary' and 'script' parameters allows an unauthenticated attacker to execute arbitrary commands on the...
EUVD-2025-27608
Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementation...