CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
| Software | From | Fixed in |
|---|---|---|
| cdomain / cdomainfree | 1.0 | 1.0.x |
| cdomain / cdomainfree | 2.0 | 2.0.x |
| cdomain / cdomainfree | 2.1 | 2.1.x |
| cdomain / cdomainfree | 2.2 | 2.2.x |
| cdomain / cdomainfree | 2.3 | 2.3.x |
| cdomain / cdomainfree | 2.4 | 2.4.x |