Apache Zeppelin Unauthorized Arbitrary Command Execution Vulnerability
Apache Zeppelin Unauthorized Arbitrary Command Execution Vulnerability
Apache Zeppelin Unauthorized Arbitrary Command Execution Vulnerability
Vulnerability Description
Apache Zeppelin has an unauthorized user access command execution interface, which causes any user to execute malicious commands to obtain server permissions.
Vulnerability Impact
Apache Zeppelin
Network surveying and mapping
Vulnerability reappears
The page containing the vulnerability is as follows
Click to create an anonymous user and execute the command on the user page.
This post is licensed under CC BY 4.0 by the author.