Remote Code Execution via Shell Metacharacters in AN-HTTPd's Example CGI Scripts

Remote Code Execution via Shell Metacharacters in AN-HTTPd's Example CGI Scripts

CVE-1999-0947 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.

Learn more about our Web Application Penetration Testing UK.