Un-CGI Remote Command Execution Vulnerability

Un-CGI Remote Command Execution Vulnerability

CVE-2001-1241 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.

Learn more about our Web Application Penetration Testing UK.