PT-2003-2193 · H Sphere · H-Sphere Webshell

Publicado

2003-12-31

Atualizado

2008-09-05

CVE-2003-1248

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions H-Sphere WebShell version 2.3

Description The issue allows remote attackers to execute arbitrary commands. This can be achieved by using shell metacharacters in the mode and zipfile parameters in a URL request.

Recommendations For H-Sphere WebShell version 2.3, consider restricting access to the vulnerable parameters mode and zipfile to minimize the risk of exploitation. Avoid using shell metacharacters in these parameters until the issue is resolved.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-1248

Produtos afetados

H-Sphere Webshell

PT-2003-2193 · H Sphere · H-Sphere Webshell

CVE-2003-1248

Identificadores relacionados

Produtos afetados

Referências · 7