Skip to main content

CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.

 

June 9, 2025 By Eduard Kovacs

 

A critical remote code execution vulnerability affecting Wazuh servers has been exploited by Mirai botnets, Akamai warned on Monday.

Wazuh is a free and open source security platform designed for threat detection and response. Its developers announced on February 10 that they had patched CVE-2025-24016, an unsafe deserialization issue affecting servers running version 4.4.0 and newer, prior to 4.9.1, which includes a patch.

“An unsafe deserialization vulnerability allows for remote code execution on Wazuh servers,” the developers explained. “The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent.”

 

>>Full Article<<

Be the first to reply!

Reply