Remote Code Execution in nlog CGI Scripts

Remote Code Execution in nlog CGI Scripts

CVE-1999-1278 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl.

Learn more about our Web Application Penetration Testing UK.