{"uuid": "f995495c-f090-45aa-97fa-df4cda49ca42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/34", "content": "\u2699\ufe0f Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17 Source:\n https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve", "creation_timestamp": "2025-02-18T10:46:04.000000Z"}