CVE Alert

CVE-2025-15616

MEDIUM 6.7

Wazuh Agent and Manager OS Command Injection and Untrusted Search Path

CVSS Score: 6.7
EPSS Score: 0.0%
EPSS Percentile: 0th

Wazuh wazuh-agent and wazuh-manager versions from 2.1.0 up to, but not including, 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through several components, including the logcollector configuration, maild SMTP server tags, and Kaspersky AR script parameters. Attackers can exploit these vulnerabilities by injecting malicious commands through configuration files, SMTP server settings, and custom flags to achieve remote code execution on affected systems.

CWE: CWE-94
Vendor: wazuh
Product: wazuh-agent
Published: Mar 27, 2026
Last Updated: Mar 27, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: High
Availability: High

Affected Versions

Wazuh / wazuh-agent: 2.1.0 < 4.8.0
Wazuh / wazuh-manager: 2.1.0 < 4.8.0

References

github.com: https://github.com/wazuh/wazuh/security/advisories/GHSA-522v-p59v-58gm
vulncheck.com: https://www.vulncheck.com/advisories/multiple-vulnerabilities-related-to-shell-injection-and-path-traversal-flaws

Credits

Published by @vikman90. Pedro Nicolas Gomez Palacios (Nicogp)