Prev Next

DataStructures / System Design

Explain Command injection.

Command injections attacks exploit application functionality that makes system calls or commands using untrusted data.

Attacks become possible when an application passes unsafe user-supplied data such as forms, cookies, and HTTP headers to the system as part of a shell command. This type of security lapse occurs due to poor security architecture. While input validation can help prevent successful attacks, the failure to keep data isolated from code is the source of risk.

When attacks occur on an application server, this may compromise the server or result in data exposure.

To mitigate command injection risk:

  • Do not pass untrusted data to system calls or commands.
  • Validate untrusted data against a whitelist and encode data to protect again problematic characters.

It's right time to invest in Cryptocurrencies Dogecoin! Earn free bitcoins up to $250 now by signing up.

Earn bitcoins upto $250 (free), invest in other Cryptocurrencies when you signup with blockfi. Use the referral link: Signup now and earn!

Using BlockFi, don't just buy crypto - start earning on it. Open an interest account with up to 8.6% APY, trade currencies, or borrow money without selling your assets.

Join CoinBase! We'll both receive $10 in free Bitcoin when they buy or sell their first $100 on Coinbase! Available in India also. Use the referral Join coinbase!

Invest now!!! Get Free equity stock (US, UK only)!

Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.

The Robinhood app makes it easy to trade stocks, crypto and more.

Webull! Receive free stock by signing up using the link: Webull signup.

More Related questions...

Show more question and Answers...

Amazon Web Service (AWS)

Comments & Discussions