⚙️ Wazuh — Unsafe Deserialization RCE (CVE-2025-24016)
An unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.
🔗 Source:
https://github.com/0xjessie21/CVE-2025-24016
#wazuh #deserialization #rce #cve
An unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.
🔗 Source:
https://github.com/0xjessie21/CVE-2025-24016
#wazuh #deserialization #rce #cve
1🔥15❤5👍3