Starwind Software Starwind SAN & NAS 0.2 Build 1914
Approved changes feed: RSS · Atom
cpe:2.3:a:starwindsoftware:starwind_san_\&_nas:0.2:build_1914:*:*:*:*:*:*
part: a version: 0.2 update: build_1914
| Vendor | Starwindsoftware (546370dc-879f-52b2-b476-b038ac1027d1) |
|---|---|
| Product | Starwind San & Nas (d6548698-157e-5272-a3c8-e6dbcf8658ad) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-32268 |
vulnerable | 2026-06-08 05:44:43.113698 |
Details available
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges.
Published: 2022-06-03T05:19:38.000Z
Updated: 2024-08-03T07:39:50.388Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.