virus logo Intrusion Prevention

EScan.Web.Management.Console.Pass.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection Vulnerability in MicroWorld Technologies eScan.
The vulnerability is due to an input validation error while parsing a crafted HTTP request. A remote attacker could exploit this to execute arbitrary code within the context of target application, via a crafted HTTP request.

affected-products-logoAffected Products

MicroWorld Technologies eScan 5.5-2

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 38385
Created May 14, 2014
Updated Mar 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Linux
Affected App Other