Security Advisory

CVE-2021-26814

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-06 01:24:12

Last updated 2024-08-03 20:33:41

Assigner mitre

State PUBLISHED

Description

Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service script.

← Browse all CVEs View on cve.org ↗