Description
The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Georich Chorbadzhiyski · textremotewindows
https://www.exploit-db.com/exploits/19761
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1002
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/templates/archive.pike?list=1&msg=38B3E60A.6A84FEC3%40cybcom.net
Vendor Advisory x_refsource_confirm
http://www.sambar.com/session/highlight?url=/syshelp/history.htm&words=security+&color=red
Scores
EPSS
0.0735
EPSS Percentile
91.8%
Details
Status
published
Products (1)
sambar/sambar_server
< 4.2
Published
Feb 23, 2000
Tracked Since
Feb 18, 2026