Security Advisory

CVE-2021-47748

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-21 17:27:31

Last updated 2026-01-22 16:22:23

Assigner VulnCheck

State PUBLISHED

Description

Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the run_sql endpoint by crafting malicious GraphQL queries that execute system commands through PostgreSQLs COPY FROM PROGRAM functionality.

← Browse all CVEs View on cve.org ↗