Description

A test CGI (Common Gateway Interface) script was found on this server. The response page returned by this CGI script is leaking a list of server environment variables.

Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. For example, an environment variable with a standard name can designate the location that a particular computer system uses to store temporary files but this may vary from one computer system to another.

Remediation

Restrict access to this CGI file or remove it from your system.

Related Vulnerabilities

WordPress Plugin Activity Log Information Disclosure (2.2.12)

MediaWiki multiple remote vulnerabilities

ColdFusion Request Debugging information disclosure

ASP.NET Core Development Mode enabled

WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)

Severity

Medium

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure