Wazuh Vulnerability List
Found 4 vulnerabilities related to Wazuh
- CVE-2025-24016: Wazuh - Unsafe Deserialization Remote Code Execution POC
  A critical Remote Code Execution (RCE) vulnerability exists in Wazuh server versions >= 4.4.0 and < 4.9.1. The vulnerability occurs due to unsafe deserialization in the wazuh-manager package, specifically in the DistributedAPI where parameters are serialized as JSON and deserialized using as_wazuh_object in the framework/wazuh/core/cluster/common.py file. An attacker with API access can exploit this vulnerability by injecting an unsanitized dictionary into DAPI requests, leading to arbitrary Python code execution.
- CVE-2025-24016: Wazuh - Unsafe Deserialization Remote Code Execution POC
  A critical Remote Code Execution (RCE) vulnerability exists in Wazuh server versions >= 4.4.0 and < 4.9.1. The vulnerability occurs due to unsafe deserialization in the wazuh-manager package, specifically in the DistributedAPI where parameters are serialized as JSON and deserialized using as_wazuh_object in the framework/wazuh/core/cluster/common.py file. An attacker with API access can exploit this vulnerability by injecting an unsanitized dictionary into DAPI requests, leading to arbitrary Python code execution.
- wazuh-default-login: Wazuh - Default Login POC
  Wazuh contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
- Wazuh CVE-2022-40497 Remote Code Execution Vulnerability No POC