Shellshock is a remote command execution vulnerability in BASH. The vulnerability relies on the fact that BASH incorrectly executes trailing commands when it imports a function definition stored into an environment variable.

Threat actors exploiting the vulnerability can issue commands remotely on the target host. While BASH is not inherently Internet-facing, many internal and external services such as web servers do use environment variables to communicate with the server’s operating system. If those data inputs are not sanitized before execution, attackers may launch HTTP request commands executed via the BASH shell.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center