WebGlimpse query Parameter Command Injection

high Nessus Plugin ID 58412


The remote web server hosts a CGI script that contains a command injection vulnerability.


The version of WebGlimpse installed on the remote host does not sufficiently sanitize user input to the 'query' parameter of the 'webglimpse.cgi' script before using it to construct and then run a command.

An unauthenticated, remote attacker can leverage this issue to execute arbitrary code on the affected host, subject to the privileges under which the web server runs.

Note that this vulnerability is being actively exploited in the wild as of March 2012.


Upgrade to WebGlimpse 2.20.0 or later.

Plugin Details

Severity: High

ID: 58412

File Name: webglimpse_query_cmd_exec.nasl

Version: 1.12

Type: remote

Family: CGI abuses

Published: 3/21/2012

Updated: 4/11/2022

Configuration: Enable thorough checks

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:webglimpse:webglimpse

Required KB Items: www/webglimpse

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 2/14/2012

Vulnerability Publication Date: 3/20/2012

Exploitable With

Elliot (WebGlimpse 2.18.8 RCE)

Reference Information

CVE: CVE-2012-1795

BID: 52627

CERT: 364363