Impact
The ZStack releases before 4.1.0 are vulnerable to Remote Code Execution (RCE).
Patches
The vulnerability was introduced in ZStack 2.2.4 and is patched in ZStack 3.8.21, ZStack 3.10.8, and ZStack 4.1.0 and all later versions.
Workarounds
We strongly suggest that users upgrade to a patched version. If you cannot upgrade immediately, avoid exposing the ZStack API service to the public Internet or any other untrusted network.
If you have a Web Application Firewall (WAF), filtering requests to GET zstack/v1/batch-queries?script whose URL contains @ can reduce the impact of this vulnerability.
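The WAF workaround above, applied as a log-review rule over constructed access-log lines (added example, not ZStack's own code or the advisory's). It assumes a common-log-format request line and adds one caveat a filter on the literal @ would miss: the percent-encoded form %40 is checked as well.

```python
"""Flag GET requests to zstack/v1/batch-queries that carry a `script`
parameter and an '@' in the URL, matching the advisory's WAF filter."""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a common-log-format entry (assumed log shape).
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def is_suspicious_batch_query(method: str, target: str) -> bool:
    """Return True when a request matches the advisory's filter criteria."""
    if method != "GET":
        return False
    parts = urlsplit(target)
    # Decoded path comparison; tolerate a proxy prefix before /zstack.
    if not unquote(parts.path).rstrip("/").endswith("/zstack/v1/batch-queries"):
        return False
    if "script" not in parse_qs(parts.query, keep_blank_values=True):
        return False
    # The advisory's marker is '@' in the URL; also catch its %40 encoding.
    return "@" in target or "@" in unquote(target)


def flag_log_lines(lines):
    """Return the access-log lines that the WAF rule would block."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if m and is_suspicious_batch_query(m.group("method"), m.group("target")):
            hits.append(line)
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2021:00:00:00 +0000] "GET /zstack/v1/batch-queries?script=q HTTP/1.1" 200 12',
    '10.0.0.6 - - [01/Jan/2021:00:00:01 +0000] "GET /zstack/v1/batch-queries?script=x%40y HTTP/1.1" 200 12',
    '10.0.0.7 - - [01/Jan/2021:00:00:02 +0000] "GET /zstack/v1/batch-queries?script=a@b HTTP/1.1" 200 12',
    '10.0.0.8 - - [01/Jan/2021:00:00:03 +0000] "POST /zstack/v1/batch-queries?script=a@b HTTP/1.1" 200 12',
    '10.0.0.9 - - [01/Jan/2021:00:00:04 +0000] "GET /zstack/v1/vm-instances?q=a@b HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for hit in flag_log_lines(SAMPLE_LOG):
        print("FLAG:", hit)
```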
For more information
If you have any questions or comments about this advisory: