CVE-1999-0885
CVSS 2.0 Score 3.6 of 10 (low)
Details
Summary
CVE-1999-0885 is a vulnerability affecting Alibaba web servers. Malicious actors can exploit this issue by crafting malformed URLs containing pipe characters, which the server interprets as a command to execute external programs, allowing remote code execution. This vulnerability poses a significant risk as it grants attackers unrestricted access to the server and its data. Mitigation involves updating the web server software to a secure version and implementing input validation to block malformed URLs. This flaw was reported in 1999 and has since been addressed in newer software versions, but older systems remain susceptible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.