VYPR

npm package

wazuh

pkg:npm/wazuh

Vulnerabilities (1)

  • CVE-2021-26814HigMar 6, 2021
    affected >= 4.0.0, < 4.0.4fixed 4.0.4

    Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code withi