AWStats configdir parameter arbitrary cmd exec

Summary
The remote host is running AWStats, a free real-time logfile analyzer. The remote version of this software is prone to an input validation vulnerability. The issue is reported to exist because user supplied 'configdir' URI data passed to the 'awstats.pl' script is not sanitized. An attacker may exploit this condition to execute commands remotely or disclose contents of web server readable files.
Solution
Upgrade at least to version 6.3 of this software