CGI.CSVForm.Arbitrary.Command.Execution
Description
It indicates an attacker attempted to exploit a bug in CVSForm and execute unauthorized commmands. CSVForm is a Perl cgi used to format cgi input into a comma separated text file. The script fails to properly validate user supplied input given as the file to open. A malicious attacker can leverage this to execute script commands against the system.
Affected Products
Mutasem Abudahab CSVFormPlus 1.0 and Mutasem Abudahab CSVForm 0.1
Impact
Compromise of the affected system.
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |