This script is possibly vulnerable to Cmd hijack attacks.

Cmd hijack is a command/argument confusion in cmd.exe that allows an attacker to launch arbitrary Windows system executables. The issue appears when an attacker is using path traversal sequences to hijack the original command that should be executed. It only affects Windows systems.

For example, the following command:

cmd.exe /c "ping"
will launch calc.exe instead of ping.exe.


Your script should filter metacharacters from user input. PHP web applications should use escapeshellarg() instead of escapeshellcmd().


Related Vulnerabilities