Security Advisory

CVE-2024-5821

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-03 17:45:24
Last updated 2025-10-15 12:49:44
Assigner @huntr_ai
State PUBLISHED

Description

The vulnerability allows an attacker to access sensitive files on the server by confusing the agent with incorrect file names. When a user requests the content of a file with a misspelled name, the agent attempts to correct the command and inadvertently reveals the content of the intended file, such as /etc/passwd. This can lead to unauthorized access to sensitive information and potential server compromise.