Un-CGI Remote Command Execution Vulnerability
CVE-2001-1241 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.
Learn more about our Web Application Penetration Testing UK.