|
Family: CGI abuses --> Category: attack
WebAPP Apage.CGI remote command execution flaw Vulnerability Scan
Vulnerability Scan Summary Checks for apage.cgi remote command execution flaw
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a CGI script that allows for execution
of arbitrary commands.
Description :
Due to a lack of user input validation, a possible hacker can exploit the
'apage.cgi' script in the version of WebAPP on the remote host to
execute arbitrary commands on the remote host with the rights of
the web server.
Solution :
Upgrade to WebAPP version 0.9.9.2 or newer.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|