Remote Code Execution via Server Side Includes (SSI) in ULTRAPOP.JP i-HTTPD

CVE-2014-7260

The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives.

Learn more about our Cis Benchmark Audit For Server Software.