Vulnerability Description
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, and Kaspersky AR script parameters. Attackers can exploit these vulnerabilities by injecting malicious commands through configuration files, SMTP server settings, and custom flags to achieve remote code execution on affected systems.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wazuh | Wazuh | >= 2.1.0, < 4.8.0 |
Related Weaknesses (CWE)
References
- https://github.com/wazuh/wazuh/security/advisories/GHSA-522v-p59v-58gmExploitVendor Advisory
- https://www.vulncheck.com/advisories/multiple-vulnerabilities-related-to-shell-iThird Party Advisory
FAQ
What is CVE-2025-15616?
CVE-2025-15616 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through va...
How severe is CVE-2025-15616?
CVE-2025-15616 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-15616?
Check the references section above for vendor advisories and patch information. Affected products include: Wazuh Wazuh.