Summary

Acunetix 360 detected a web backdoor on the target web server.

If you are not aware of this backdoor, it means that your web server has been hacked before.

Impact

An attacker can execute arbitrary commands on the system.

Actions To Take

  1. Remove the identified web backdoor from your web server.
  2. You should investigate how this backdoor was placed on your system. There may be another critical vulnerability on your system that allowed this placement.

Severity

Critical

Classification

PCI v3.2-6.5.6 CAPEC-443 CWE-507 HIPAA-164.308(a) ISO27001-A.12.2.1 OWASP 2017-A10 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H