Bug in TradeWinds

Posted by Juan Martinez on Feb 18

Hi, I turn to you because I want to make public a bug, a web server called
Trade Winds, by which much compromising information of internal servers
exposed … Through a Dork on google: inurl: cgi-shl / twserver.exe run?.
They are vulnerable server, injecting this url: http:
//victim/cgi-shl/twserver.exe run (example: CityInfo?). Which brings us
back an error with this data: TradeWinds: Environment variables sent by
Microsoft-IIS / 6.0…

Leave a Reply