CVE-2024-45505

Name of the Vulnerable Software and Affected Versions: Apache HertzBeat (incubating) versions prior to 1.6.1

Description: This issue is related to an improper neutralization of special elements used in a command, also known as a 'Command Injection' vulnerability. The vulnerability can only be exploited by authorized attackers.

Recommendations: For Apache HertzBeat (incubating) versions prior to 1.6.1, upgrade to version 1.6.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive commands or functions to minimize the risk of exploitation.