1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP FormMail Cmd Exec

HTTP FormMail Cmd Exec

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.


This signature detects an attempt to execute arbitrary commands using Matt Wright's FormMail CGI program.

Additional Information

Matt Wright's FormMail is a web-based e-mail gateway.
In versions 1.9 and earlier, the "recipient" hidden field is not checked for the semi-colon(;), the shell command separation character, enabling an attacker to execute arbitrary command remotely.


  • Matt Wright FormMail 1.0


Upgrade to the latest version of FormMail
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube