[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

Path traversal vulnerability in Wazuh - CVE-2021-26814 (rpm)

ID: oval:org.secpod.oval:def:77997Date: (C)2022-03-03   (M)2022-07-13
Class: VULNERABILITYFamily: unix




The host is installed with Wazuh Agent 4.0.0 through 4.0.3 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to handle an issue in /manager/files and /cluster/{node_id}/files endpoints. Successful exploitation could allow authenticated attackers to execute arbitrary code with administrative privileges via /manager/files URI.

Platform:
Linux
Product:
Wazuh Agent
Reference:
CVE-2021-26814
CVE    1
CVE-2021-26814

© SecPod Technologies