Remote Code Execution and Information Disclosure in HAMweather 2.x via hwadmin.cgi

Remote Code Execution and Information Disclosure in HAMweather 2.x via hwadmin.cgi

CVE-2002-2356 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi.

Learn more about our Web Application Penetration Testing UK.