CVE-1999-1154

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Nov 9, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1154 is a vulnerability affecting the LakeWeb Filemail CGI script. An attacker can exploit this weakness by manipulating the recipient email address, which contains shell metacharacters, to execute arbitrary commands remotely. This issue poses a significant risk, as it allows attackers to gain unauthorized access to the system and potentially cause harm. The vulnerability was identified in 1999 and remains a concern for organizations still using the outdated Filemail CGI script. It is crucial for administrators to apply patches or updates to mitigate this risk and secure their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXzD
https://www.cve.org/CVERecord?id=CVE-1999-1154
https://nvd.nist.gov/vuln/detail/CVE-1999-1154

Back to Vulnerability Database

CVE-1999-1154

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations