
DETECTION OVERVIEW

Shellshock HTTP Exploit Attempt

Risk Factors

The Shellshock vulnerability is well known and trivial to exploit. An attacker can gain access to a device and remotely run commands that launch additional attacks on the network.

Kill Chain

Exploitation

Risk Score

87


Attack Background

Shellshock is a remote code execution (RCE) vulnerability in the Bourne-Again shell (Bash) that attackers have been exploiting since 2014. An attacker sends an HTTP request with a Shellshock payload to a vulnerable device. The payload includes code with a syntax similar to () { :;}; <exploit command>. The malicious command runs in Bash and creates a shell. The attacker connects to the shell to remotely run commands on the victim.
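One way to check a raw HTTP request for the function-definition pattern described above. This is an added example, not RevealX's own detection logic; the function names (parse_request, find_shellshock) and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Bash function-definition prefix "() {" (whitespace-tolerant), per the
# "() { :;}; <exploit command>" syntax described above.
FUNC_PREFIX = re.compile(r"\(\s*\)\s*\{")
# Prefix, function body, closing "};", then whatever command trails it.
TRAILING_CMD = re.compile(r"\(\s*\)\s*\{.*?\}\s*;\s*(\S.*)", re.S)

def parse_request(raw):
    """Split a raw HTTP request into (request_line, [(name, value), ...])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:  # obsolete folded header
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
        elif ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip(), value.strip()))
    return lines[0], headers

def find_shellshock(raw):
    """Return [(location, trailing_command_or_None)] for suspicious fields."""
    request_line, headers = parse_request(raw)
    findings = []
    for location, value in [("request-line", request_line)] + headers:
        decoded = unquote(value)  # also catch percent-encoded variants
        if FUNC_PREFIX.search(decoded):
            m = TRAILING_CMD.search(decoded)
            findings.append((location, m.group(1).strip() if m else None))
    return findings

# Constructed sample requests (not captured traffic); the command is a harmless marker.
BENIGN = ("GET /index.html HTTP/1.1\r\nHost: example.test\r\n"
          "User-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n\r\n")
SUSPECT = ("GET /cgi-bin/status HTTP/1.1\r\nHost: example.test\r\n"
           "User-Agent: () { :;}; /bin/echo probe\r\n\r\n")

if __name__ == "__main__":
    for name, req in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, find_shellshock(req))
```

A finding whose second element is None means the function-definition prefix appeared without a recognizable trailing command, which is still worth reviewing because the prefix has no legitimate use in an HTTP header.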

Mitigation Options

Update Bash to 4.3 or later

MITRE ATT&CK ID
