CWE-553 - Command Shell in Externally Accessible Directory

  • Abstraction:Variant
  • Structure:Simple
  • Status:Incomplete
  • Release Date:2006-07-19
  • Latest Modification Date:2025-12-11

Weakness Name

Command Shell in Externally Accessible Directory

Description

A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server.

Common Consequences

Scope: Confidentiality, Integrity, Availability

Impact: Execute Unauthorized Code or Commands

Related Weaknesses

CWE-552Files or Directories Accessible to External Parties