CVE-1999-0146

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Jul 15, 1997
Updated: Nov 20, 2024

Summary

CVE-1999-0146 is a vulnerability affecting the campas CGI program that came bundled with certain NCSA web servers. This issue enables attackers to execute arbitrary system commands by exploiting encoded carriage return characters in the query string. Essentially, an adversary can manipulate the input data to trigger a command execution, thereby compromising the targeted system and potentially gaining unauthorized access, as demonstrated through the exposure of the password file.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share