Remote code execution

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution...

Wazuh 命令注入漏洞

Wazuh is Wazuh an open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A command injection vulnerability exists in the wazuh-slack active response script in Wazuh before 4.2.5, which...