V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
← Back to List
CWE-553VariantIncomplete
Abstraction: Variant
Status: Incomplete
Source ↗

Command Shell in Externally Accessible Directory

A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.

Open in catalog with CWE filter →

Related CAPECs

CAPEC-650
Upload a Web Shell to a Web Server

Related vulnerabilities

CVE-2025-66620An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system.