Summary

Acunetix 360 detected a passive web backdoor on the target web server.

Impact

An attacker can use the passive backdoor identified on your domain when he/she performs an RFI attack to any other web server.

Actions To Take

  1. Remove the identified passive web backdoor from your web server.
  2. You should investigate how this passive backdoor is placed on your system. There may be another critical vulnerability on your system that allows this placement.

Severity

Low

Classification

PCI v3.2-6.5.6 CWE-507 HIPAA-164.308(a) ISO27001-A.12.2.1 OWASP 2017-A10