datax-web 2.1.1 OS Command Injectioninformation

Titre	https://github.com/WeiYe-Jing/ https://github.com/WeiYe-Jing/datax-web 2.1.1 OS Command Injection
Description	Remote Code Execution (RCE) refers to an attack where an attacker can execute arbitrary code on a remote computer, thereby gaining control over and compromising the target system. The attacker can execute this code without any user interaction, allowing them to infiltrate the target system and perform a wide range of malicious activities. These activities may include stealing sensitive information, altering data, spreading viruses or malware, and other harmful actions. The `glueSource` parameter of the /api/job/add/ endpoint is vulnerable to Remote Code Execution (RCE).
La source	⚠️ https://github.com/jxp98/VulResearch/blob/main/2024/12/1.Datax-Web%20-%20Remote%20Code%20Execution.md
Utilisateur	jxp. (UID 64049)
Soumission	06/12/2024 10:23 (il y a 1 Année)
Modérer	08/12/2024 21:40 (2 days later)
Statut	Accepté
Entrée VulDB	287277 [WeiYe-Jing datax-web 2.1.1 /api/job/add/ glueSource élévation de privilèges]
Points	20

Interested in the pricing of exploits?

See the underground prices here!