Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tugtainer has RCE in Agent Command Execution Api
Vulnerability Description
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent `POST api/command/run`. Version 1.15.1 fixes the issue.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Tugtainer 命令注入漏洞
Vulnerability Description
Tugtainer是Eugene Savin个人开发者的一个具有web UI的自动化Docker容器更新应用程序。 Tugtainer 1.15.1之前版本存在命令注入漏洞,该漏洞源于tugtainer-agent的POST api/command/run接口可注入任意参数。
CVSS Information
N/A
Vulnerability Type
N/A