## https://sploitus.com/exploit?id=SAINT:49C66ED8B7443985AD371E77346FE318
Added: 08/20/2024
### Background
Apache HugeGraph is a graph database. HugeGraph supports Gremlin, a graph traversal language.
### Problem
A vulnerability in Apache HugeGraph allows remote attackers to bypass sandbox restrictions and execute arbitrary commands through Gremlin.
### Resolution
Upgrade to HugeGraph 1.3.0 or higher, run it on Java 11, and enable the Auth system.
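The three conditions in the resolution can be checked together during an inventory pass. The following is an added example, not code from the advisory or from the HugeGraph project. It assumes the Auth system is switched on through the `auth.authenticator` key in `rest-server.properties` (confirm against the documentation for your release), that a Java major version above 11 is acceptable, and it uses constructed sample configs. The function names are hypothetical.

```python
import re

FIXED_VERSION = (1, 3, 0)        # from the Resolution section
MIN_JAVA_MAJOR = 11              # from the Resolution section; newer majors accepted (assumption)
AUTH_KEY = "auth.authenticator"  # assumed rest-server.properties key; confirm for your release

# Constructed sample configs, not taken from a real deployment.
SAMPLE_UNPATCHED = "restserver.url=http://127.0.0.1:8080\n#auth.authenticator=\n"
SAMPLE_REMEDIATED = ("restserver.url=http://127.0.0.1:8080\n"
                     "auth.authenticator=org.apache.hugegraph.auth.StandardAuthenticator\n")


def parse_version(text):
    """'1.2.0' -> (1, 2, 0); tolerates suffixes such as '1.3.0-incubating'."""
    nums = re.findall(r"\d+", text.split("-")[0])
    return tuple(int(n) for n in (nums + ["0", "0", "0"])[:3])


def java_major(text):
    """Legacy '1.8.0_392' -> 8; modern '11.0.22' -> 11."""
    parts = [int(n) for n in re.findall(r"\d+", text)]
    if not parts:
        raise ValueError(f"unrecognised Java version: {text!r}")
    return parts[1] if parts[0] == 1 and len(parts) > 1 else parts[0]


def auth_enabled(properties_text):
    """True if an uncommented AUTH_KEY line carries a non-empty value ('=' separator only)."""
    for line in properties_text.splitlines():
        line = line.strip()
        if line.startswith(("#", "!")) or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key.strip() == AUTH_KEY and value.strip():
            return True
    return False


def check_remediation(hugegraph_version, java_version, rest_server_properties):
    """Return the resolution steps that are still outstanding (empty list = all met)."""
    findings = []
    if parse_version(hugegraph_version) < FIXED_VERSION:
        findings.append("upgrade HugeGraph to 1.3.0 or higher")
    if java_major(java_version) < MIN_JAVA_MAJOR:
        findings.append("run HugeGraph on Java 11")
    if not auth_enabled(rest_server_properties):
        findings.append("enable the Auth system")
    return findings


if __name__ == "__main__":
    print(check_remediation("1.2.0", "1.8.0_392", SAMPLE_UNPATCHED))
    print(check_remediation("1.3.0", "11.0.22", SAMPLE_REMEDIATED))
```

An upgraded server with the authenticator line still commented out reports one outstanding item, which is the case an upgrade-only rollout tends to miss.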
### References
https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9
### Platforms
Linux