Summary #

Invicti detected a web backdoor on the target web server.

If you are not aware of this backdoor, it means that your web server has been hacked before.

Impact #
An attacker can execute arbitrary commands on the system.
Actions To Take #
  1. Remove the identified web backdoor from your web server.
  2. You should investigate how this backdoor was placed on your system. There may be another critical vulnerability on your system that allowed this placement.
Classifications #
PCI v3.1-6.5.6; PCI v3.2-6.5.6; CAPEC-443; CWE-507; HIPAA-164.308(a); ISO27001-A.12.2.1; OWASP 2017-A10 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo