CVE-2012-1795

critical

Description

webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012.

References

http://www.securitytracker.com/id?1026825

http://www.kb.cert.org/vuls/id/364363

http://secunia.com/advisories/48452

http://osvdb.org/80344

Details

Source: Mitre, NVD

Published: 2012-03-20

Updated: 2018-01-12

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics