Bslist.Remote.Command.Execution
Description
It indicates an attempt to execute potentially malicious command via bslist.cgi program.
Due to insufficient input validation, a remote attacker can execute arbitrary commands on a victim system via specially-crafted email address.
Affected Products
Any unprotected Brian Stanback bslist.cgi 1.0 is vulnerable to the attack.
Impact
Attackers can run arbitrary shell commands with the privilege level of the web server.
Recommended Actions
Upgrade the script to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-01-10 | 22.472 | Name:Bslist. RemoteCommandExecution:Bslist. Remote. Command. Execution |
2018-12-05 | 13.503 | Default_action:pass:drop |
2018-11-30 | 13.501 | Sig Added |