CHETCPASSWD.Shadow.File.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in CHETCPASSWD.
The issue is caused by an error when the vulnerable software handles malicious requests sent to chetcpasswd.cgi. It may allow a remote attacker to expose the local shadow file by sending a crafted client request.
Affected Products
CHETCPASSWD 1.12
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Upgrade to CHETCPASSWD 1.12.1 or later.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |