CWE-553: Command Shell in Externally Accessible Directory

VariantIncomplete

A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.

View on MITRE
Back to CWE Lookup

Technical Details

Structure
Simple

Applicable To

Languages
Platforms

Frequently Asked Questions

What is CWE-553: Command Shell in Externally Accessible Directory?+

CWE-553: Command Shell in Externally Accessible Directory is a Common Weakness Enumeration (CWE) entry maintained by MITRE. A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.

What are the security consequences of Command Shell in Externally Accessible Directory?+

If exploited, CWE-553 (Command Shell in Externally Accessible Directory) it can compromise Confidentiality, Integrity and Availability, leading to outcomes such as Execute Unauthorized Code or Commands.

How do you prevent or mitigate Command Shell in Externally Accessible Directory?+

Recommended mitigations for CWE-553 include: Remove any Shells accessible under the web root folder and children directories.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-553 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More