WebAPP Apage.CGI Remote Command Execution Flaw Network Vulnerability

Summary

Due to a lack of user input validation, an attacker can exploit the 'apage.cgi' script in the version of WebAPP on the remote host to execute arbitrary commands on the remote host with the privileges of the web server.

Solution

Upgrade to WebAPP version 0.9.9.2 or newer.

Severity

Classification

CVE CVE-2005-1628
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat AJP Protocol Security Bypass Vulnerability
A-Blog 'sources/search.php' SQL Injection Vulnerability
AWStats configdir parameter arbitrary cmd exec
Arkeia Appliance Path Traversal Vulnerability
artmedic_links5 File Inclusion Vulnerability

WebAPP Apage.CGI remote command execution flaw

Take action and discover your vulnerabilities