CWE-553: Command Shell in Externally Accessible Directory
ID
CWE-553
Abstraction
Variant
Structure
Simple
Status
Incomplete
A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.
Modes of Introduction
Phase | Note |
---|---|
Implementation | |
Operation |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.org
Loading...