PT-2001-1761 · A1Stats · A1Stats
Publicado
2001-07-27
·
Atualizado
2017-12-19
·
CVE-2001-0562
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
A1Stats versions prior to 1.6
Description:
The issue allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. This is related to the a1disp.cgi program.
Recommendations:
For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the a1disp.cgi program to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
A1Stats