CHETCPASSWD.Shadow.File.Disclosure

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in CHETCPASSWD.
The issue is caused by an error when the vulnerable software handles malicious requests sent to chetcpasswd.cgi. It may allow a remote attacker to expose the local shadow file by sending a crafted client request.

affected-products-logoAffected Products

CHETCPASSWD 1.12

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to CHETCPASSWD 1.12.1 or later.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)