CWE-553: Command Shell in Externally Accessible Directory
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.
常见后果
影响范围: Confidentiality Integrity Availability
技术影响: Execute Unauthorized Code or Commands
潜在缓解措施
阶段: Installation System Configuration
描述: Remove any Shells accessible under the web root folder and children directories.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
| Operation | - |