CVE-2021-26814

HIGH

Wazuh < 4.0.3 - Path Traversal

Title source: rule

Description

Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service script.

Exploits (3)

nomisec WORKING POC 4 stars

by WickdDavid · poc

https://github.com/WickdDavid/CVE-2021-26814

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by CYS4srl · poc

https://github.com/CYS4srl/CVE-2021-26814

View Code ZIP pw:eip

nomisec WORKING POC

by paolorabbito · poc

https://github.com/paolorabbito/Internet-Security-Project---CVE-2021-26814

View Code ZIP pw:eip

References (2)

[Release Notes, Vendor Advisory] https://documentation.wazuh.com/4.0/release-notes/release_4_0_4.html

[Release Notes, Third Party Advisory] https://github.com/wazuh/wazuh/releases/tag/v4.0.4

Scores

CVSS v3 8.8

EPSS 0.6402

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-22

Status published

Products (2)

npm/wazuh 4.0.0 - 4.0.4npm

wazuh/wazuh 4.0.0 - 4.0.3

Published Mar 06, 2021

Tracked Since Feb 18, 2026