Virgil CGI Scanner contains a flaw that allows a remote attacker to gain remote access. The issue is due to the "virgil.cgi" script not properly validating user input to several variables. By providing a specially crafted URI a remote attacker can spawn a shell on a random port. The shell will be available for a short time but run with the same privileges as the web server.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.