header-logo
Suggest Exploit
vendor:
AN-HTTPd server
by:
7.5
CVSS
HIGH
Remote Code Execution
CWE
Product Name: AN-HTTPd server
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows

AN-HTTPd server Remote Code Execution Vulnerability

Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data.

Mitigation:

Upgrade to a version that has fixed this issue or apply a patch provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/762/info

Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data. 

http://www.xxx.yy/cgi-bin/input.bat?|dir..\..\windows

Navigation

Suggest Exploit

Services By CQR