Bash Command Injection Vulnerability (Shellshock Bug)

Severity: Critical

Summary#

Invicti identified the Bash Command Injection Vulnerability (Shellshock Bug) in the target web server.

The Shellshock bug allows attackers to execute arbitrary commands on the target system. This vulnerability is known to exploit widely and should be addressed as soon as possible.

Impact#

An attacker can execute arbitrary commands on the system.

Remediation#

Upgrade your system by following these instructions

Classifications#

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C, ISO27001-A.14.2.5, HIPAA-164.306(a), 164.308(a), PCI v3.2-6.5.1, OWASP 2013-A1, OWASP 2017-A9, CAPEC-88, CWE-78, WASC-31

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

Related Vulnerabilities

Bash Command Injection Vulnerability (Shellshock Bug)

Related Articles

Build your resistance to threats. And save hundreds of hours each month.