A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.
View on MITRERemove any Shells accessible under the web root folder and children directories.
No detection method information available for this CWE.
No examples or observed CVEs available for this CWE.
CWE-553: Command Shell in Externally Accessible Directory is a Common Weakness Enumeration (CWE) entry maintained by MITRE. A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.
If exploited, CWE-553 (Command Shell in Externally Accessible Directory) it can compromise Confidentiality, Integrity and Availability, leading to outcomes such as Execute Unauthorized Code or Commands.
Recommended mitigations for CWE-553 include: Remove any Shells accessible under the web root folder and children directories.
A CWE (Common Weakness Enumeration) like CWE-553 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.