
Davide Meacci

#29529 of 53,630
8.8 Total CVSS
Vulnerabilities · 1
PT-2021-17147
8.8
2021-03-06
Wazuh · Wazuh · CVE-2021-26814
Name of the Vulnerable Software and Affected Versions: Wazuh versions 4.0.0 through 4.0.3

Description: The issue allows authenticated users to execute arbitrary code with administrative privileges via the "/manager/files" API endpoint. This is possible due to incomplete input validation on the "/manager/files" API, which can be exploited by an authenticated user to inject arbitrary code within the API service script.

Recommendations: For versions 4.0.0 through 4.0.3, update to a version outside of this range to mitigate the risk of arbitrary code execution. As a temporary workaround, consider restricting access to the "/manager/files" API endpoint to minimize the risk of exploitation.