Page 1 of 1

/cgi-sys/autodiscover.cgi hidden script file

Posted: 12 Sep 2020, 04:09
by csfan
Hello everybody,

What is autodiscover.cgi up to?

How on earth can autodiscover.cgi upload a web file?

Code: Select all

Scanning web upload script file...
Time                   : Fri, 11 Sep 2020 19:30:11 +0100
Web referer URL        : 
Local IP               : 127.0.0.1
Web upload script user : nobody (99)
Web upload script owner: root (0)
Web upload script path : /usr/local/cpanel/cgi-sys/autodiscover.cgi
Web upload script URL  : http://127.0.0.1/cgi-sys/autodiscover.cgi
Remote IP              : 127.0.0.1
Upload data md5sum     : da4b6ccd2702858d185e3ef600eeaeef
Deleted                : No
Quarantined            : No

----------- SCAN REPORT -----------

'/tmp/20200911-193011-X1vCMwGgf2UexvrUMnzalQAAAUo-file-Pdfn8t'
Suspicious image file (hidden script file)