CVE-2021-44079

CVE-2021-44079

EPSS 3.3%

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/wazuh/wazuh/issues/10858 https://github.com/wazuh/wazuh/issues/10858#issuecomment-991118254 https://github.com/wazuh/wazuh/pull/10809