The US National Vulnerability Database (NVD) recently discovered several critical vulnerabilities in the widely used GNU Bash shell, which are commonly referred to as "Shellshock", including CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, and yet more to come. These remotely exploitable vulnerabilities can pose a serious threat to any UNIX or Linux-based products.

As of the date this was announced on the NIST website, Nusoft has been researching these vulnerabilities and simulating the attacks. Due to the Common Gateway Interface (CGI) employed, each Nusoft product requires users to provide administrator credentials to gain access to the system and, as a result, they are immune to Shellshock. Accordingly, Nusoft strongly recommends that customers change the default credentials for the security's sake.

Nusoft will do the best efforts to protect your network from any future Shellshock-based attacks, preventing damages or losses to your business.