Vulnerability Description
The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cpanel | Cpanel | 5.0 |
References
- http://marc.info/?l=bugtraq&m=107911581732035&w=2
- http://secunia.com/advisories/11124ExploitVendor Advisory
- http://www.kb.cert.org/vuls/id/831534PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/9855ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15486
- http://marc.info/?l=bugtraq&m=107911581732035&w=2
- http://secunia.com/advisories/11124ExploitVendor Advisory
- http://www.kb.cert.org/vuls/id/831534PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/9855ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15486
FAQ
What is CVE-2004-1770?
CVE-2004-1770 is a vulnerability with a CVSS score of 10.0 (HIGH). The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.
How severe is CVE-2004-1770?
CVE-2004-1770 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1770?
Check the references section above for vendor advisories and patch information. Affected products include: Cpanel Cpanel.