CVE-2025-24016

Demonstrates the CVE-2025-24016 RCE vulnerability in the Wazuh server.

Introduction

CVE-2025-24016: RCE in Wazuh Server

This repository demonstrates the remote code execution (RCE) vulnerability in the Wazuh server, caused by unsafe deserialization in the wazuh-manager package. The vulnerability allows remote attackers with API access to execute arbitrary code on the server.

Key Features

  • Vulnerability Overview: Detailed discussion of the RCE vulnerability
  • Affected Versions: Information on which versions are impacted
  • Proof of Concept: A practical demonstration of the vulnerability
  • Mitigation Advice: Recommendations on how to protect systems by upgrading to patched versions

Benefits

  • Helps developers and security teams understand the risks associated with the Wazuh server.
  • Provides a method to test for vulnerabilities in current systems using a provided Proof of Concept.

Highlights

  • RCE is triggered via the run_as endpoint in the Wazuh API.
  • Explains the impact and the specific conditions under which the vulnerability can be reproduced.
