CVE-2012-1795

EXPLOITED IN THE WILD

Webglimpse < 2.20.0 - Remote Code Execution via Query Parameter Shell Metacharacters

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2012-1795 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).

Description

webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012.

References (4)

Core 4
Core References
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/364363
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026825
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/80344
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48452

Scores

EPSS 0.0421
EPSS Percentile 89.8%

Details

VulnCheck KEV 2012-03-20
InTheWild.io 2018-01-12
CWE
CWE-78
Status published
Products (48)
webglimpse/webglimpse 2.2.0
webglimpse/webglimpse 2.2.1
webglimpse/webglimpse 2.2.2
webglimpse/webglimpse 2.3.1
webglimpse/webglimpse 2.3.3
webglimpse/webglimpse 2.4.0
webglimpse/webglimpse 2.4.6
webglimpse/webglimpse 2.5.1
webglimpse/webglimpse 2.5.4
webglimpse/webglimpse 2.6.2
... and 38 more
Published Mar 20, 2012
Tracked Since Feb 18, 2026