You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Command injection in daemonControl() (/web/api/app/Controller/HostController.php):
Any authenticated user can construct an api command to execute any shell command as the web user.
Patches
Fixed by 3bd58d8. Fix released in 1.36.33 and 1.37.33.
Impact
Command injection in daemonControl() (
/web/api/app/Controller/HostController.php):Any authenticated user can construct an api command to execute any shell command as the web user.
Patches
Fixed by 3bd58d8. Fix released in 1.36.33 and 1.37.33.
Workarounds
Apply patch manually.
###Credits Aymen Borgi