|
Family: CGI abuses --> Category: infos
cPanel Login Command Execution Vulnerability Scan
Vulnerability Scan Summary Command Injection
Detailed Explanation for this Vulnerability Test
The remote host is running cPanel.
There is a bug in this software which may allow a possible hacker to execute arbitrary
commands on this host with the rights of the cPanel web server, by sending
a malformed login as in :
http://www.example.com:2082/login/?user=|"`id`"|
A possible hacker may exploit this flaw to execute arbitrary commands on the remote
host and take its control.
Solution : Upgrade to the newest version of cPanel or disable this service
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|