SYM_PY_0061 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Command Shell in Externally Accessible Directory
Property | Value |
---|---|
Language | |
Severity | |
CWE | CWE-553: Command Shell in Externally Accessible Directory |
Confidence Level | Low |
Impact Level | Medium |
Likelihood Level | Low |
Description
The code implements a reverse shell by connecting to a remote server and spawning a shell process (like /bin/sh), which can give an attacker remote command execution on your system. This behavior allows someone to control the affected machine over the network.
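A static check for the two halves of the pattern described above, an outbound connection and a shell spawn in the same file. This is an added example, not the rule's or the project's own code; the call-name lists, shell names, function names and sample sources are assumptions constructed for illustration.

```python
import ast

# Assumed heuristics, not taken from the rule: which call names count as an
# outbound connection, a process spawn, and a shell binary.
CONNECT_CALLS = {"connect", "connect_ex", "create_connection"}
SPAWN_CALLS = {"system", "popen", "Popen", "call", "run", "check_call",
               "check_output", "spawn", "execl", "execv", "execve"}
SHELLS = {"sh", "bash", "zsh", "dash", "cmd.exe", "powershell.exe"}


def _call_name(call):
    func = call.func
    if isinstance(func, ast.Attribute):
        return func.attr
    return func.id if isinstance(func, ast.Name) else ""


def _names_shell(call):
    """True if any string literal in the call starts with a shell binary."""
    for node in ast.walk(call):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            words = node.value.split()
            if words and words[0].rsplit("/", 1)[-1] in SHELLS:
                return True
    return False


def find_connect_and_shell(source):
    """Return the line numbers of both halves of the pattern, or None."""
    connects, shells = [], []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            if name in CONNECT_CALLS:
                connects.append(node.lineno)
            elif name in SPAWN_CALLS and _names_shell(node):
                shells.append(node.lineno)
    if connects and shells:
        return {"connect": sorted(connects), "shell": sorted(shells)}
    return None


# Constructed samples (not from the page); FLAGGED is inert, no I/O is wired to the socket.
FLAGGED = """\
import socket, subprocess
s = socket.socket()
s.connect(("host.example.invalid", 9))
subprocess.call(["/bin/sh"])
"""
SHELL_ONLY = 'import subprocess\nsubprocess.run(["/bin/sh", "-c", "echo ok"])\n'
CONNECT_ONLY = 'import socket\nsocket.create_connection(("host.example.invalid", 9))\n'
```

Co-occurrence alone also matches legitimate network clients that shell out for unrelated reasons, so hits are candidates for manual review, not confirmed findings.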
Impact
If exploited, an attacker could gain full remote access to the server, allowing them to run arbitrary commands, steal sensitive data, modify files, or use the machine as part of a larger attack. This can lead to complete system compromise and data breaches.