In the wazuh-slack active response script in Wazuh 4.2.x prior to 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wazuh wazuh |