CVE-2021-44079

CVE-2021-44079

EPSS 3.3%

In the wazuh-slack active response script in Wazuh 4.2.x before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/wazuh/wazuh/issues/10858 https://github.com/wazuh/wazuh/issues/10858#issuecomment-991118254 https://github.com/wazuh/wazuh/pull/10809