Family: Gain a shell remotely --> Category: attack
TWiki rev Parameter Command Execution Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for rev parameter command execution vulnerability in TWiki
Detailed Explanation for this Vulnerability Test
The remote web server contains a CGI application that is prone to
arbitrary command execution.
The installed version of TWiki allows a possible hacker, by manipulating
input to the 'rev' parameter, to execute arbitrary shell commands on
the remote host subject to the rights of the web server user id.
See also :
Apply the appropriate hotfix listed in the vendor advisory above.
High / CVSS Base Score : 7
Click HERE for more information and discussions on this network vulnerability scan.