Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 16

If a web server accepts input from the user and passes it to a bash shell, to which attack method if it vulnerable?

Answer options

• A. input validation
• B. hash collision
• C. command injection
• D. integer overflow

Correct answer: C

Explanation

The correct answer is C, command injection, because it allows an attacker to execute arbitrary commands on the server through the vulnerable input. Options A, B, and D are not applicable as they refer to different types of vulnerabilities that do not involve executing commands via user input.