CGI.CHETCPASSWD.Shadow.File.Disclosure
Description
This indicates a malicious attacker tried to gain information through a vulnerability in chetcpasswd.cgi. If a malicious user sends an overly long URI string to chetcpasswd.cgi it is possible that the tail end of the local shadow file may be exposed.
Affected Products
CHETCPASSWD 1.12
Impact
Information Leakage.
Recommended Actions
Upgrade to CHETCPASSWD 1.12.1 or later.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |