Foxweb CGI Network Vulnerability

Summary

The foxweb.dll or foxweb.exe CGI is installed. Versions 2.5 and below of this CGI program have a security flaw that lets an attacker execute arbitrary code on the remote server. ** Since OVS just verified the presence of the CGI but could ** not check the version number, this might be a false alarm.

Solution

remove it from /cgi-bin or upgrade it

Severity

Classification

CVE CVE-2010-1898

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
Advantech WebAccess Multiple Vulnerabilities
b2Evolution title SQL Injection
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
AudiStat multiple vulnerabilities

foxweb CGI

Take action and discover your vulnerabilities