Vulnerability Description
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Astrocam | Astrocam | 0.9-1-1 |
Related Weaknesses (CWE)
References
- http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
- http://securitytracker.com/id?1005523Patch
- http://www.iss.net/security_center/static/10538.phpPatch
- http://www.securityfocus.com/bid/6105Patch
- http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
- http://securitytracker.com/id?1005523Patch
- http://www.iss.net/security_center/static/10538.phpPatch
- http://www.securityfocus.com/bid/6105Patch
FAQ
What is CVE-2002-1874?
CVE-2002-1874 is a vulnerability with a CVSS score of 10.0 (HIGH). astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected ve...
How severe is CVE-2002-1874?
CVE-2002-1874 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1874?
Check the references section above for vendor advisories and patch information. Affected products include: Astrocam Astrocam.