Inserter.cgi File Inclusion And Command Execution Vulnerabilities Network Vulnerability

Summary

The remote web server contains the 'inserter' CGI. The inserter.cgi contains a vulnerability that allows remote attackers to cause the CGI to execute arbitrary commands with the privileges of the web server by supplying it with a piped instruction or to include arbitrary files by providing an absolute path to the location of the file.

Solution

Delete this file

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ActivePerl perlIS.dll Buffer Overflow
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
ARRIS 2307 Unprotected Web Console
AWCM CMS Multiple Remote File Include Vulnerabilities
ASP Inline Corporate Calendar SQL injection

inserter.cgi File Inclusion and Command Execution Vulnerabilities

Take action and discover your vulnerabilities