CVE-2022-1509

Summary

Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

Affected Software

VendorProductVersion RangeStatus
hestiacphestiacp/hestiacpunspecified < 1.5.12affected

Weaknesses

  • CWE-77: CWE-77 Improper Neutralization of Special Elements used in a Command

ADP Enrichment

CVE Program Container

Additional References

References