Details
Alert Id 10048
Alert Type Active
Status beta
Risk High
CWE 78
WASC 31
Tags OWASP_2017_A09
OWASP_2021_A06
WSTG-V42-INPV-12

Summary

The server is running a version of the Bash shell that allows remote attackers to execute arbitrary code

Solution

Update Bash on the server to the latest version

References

Code

org/zaproxy/zap/extension/ascanrulesBeta/ShellShockScanRule.java