Summary #

Invicti detected a passive web backdoor on the target web server.

Impact #
An attacker can use the passive backdoor identified on your domain when he/she performs an RFI attack to any other web server.
Actions To Take #
  1. Remove the identified passive web backdoor from your web server.
  2. You should investigate how this passive backdoor is placed on your system. There may be another critical vulnerability on your system that allows this placement.
Classifications #
PCI v3.1-6.5.6; PCI v3.2-6.5.6; CWE-507; HIPAA-164.308(a); ISO27001-A.12.2.1; OWASP 2017-A10
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo