Strix
26.1K

CVE-2002-1874

UnknownEPSS 3.31%

Last modified

CVE-2002-1874 is a vulnerability of currently unknown severity. astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.. EPSS estimates a 3.31% chance of exploitation in the next 30 days.

Description

astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.

Metrics

EPSS Probability
3.31%

87.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
AstrocamAstrocam0.9-1-1Beta
AstrocamAstrocam0.9-5-1Beta
AstrocamAstrocam0.9-7-3Beta
AstrocamAstrocam1.0.1Beta
AstrocamAstrocam1.4Beta

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2002-1874?
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
How severe is CVE-2002-1874?
Severity scoring for CVE-2002-1874 is pending analysis. The EPSS model estimates a 3.31% probability of exploitation in the next 30 days.
How do I fix CVE-2002-1874?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1874?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST