CVE-2002-1874
AstroCam 0.9-1-1-1.4.0 - Remote Command Execution via Shell Metacharacters
Title source: llmDescription
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
References (4)
Core 4
Core References
Product x_refsource_confirm
http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1005523
Patch vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10538.php
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6105
Scores
EPSS
0.0329
EPSS Percentile
87.0%
Details
CWE
CWE-20
Status
published
Products (5)
astrocam/astrocam
0.9-1-1 beta
astrocam/astrocam
0.9-5-1 beta
astrocam/astrocam
0.9-7-3 beta
astrocam/astrocam
1.0.1 beta
astrocam/astrocam
1.4 beta
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026