rConfig 2.0.0

CPE Details

rConfig 2.0.0
rconfig
rconfig
2.0.0
2019-12-09
12h53 +00:00
2019-12-09
12h53 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:rconfig:rconfig:2.0.0:*:*:*:*:*:*:*

Informations

Vendor

rconfig

Product

rconfig

Version

2.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-27464 2021-08-20 16h10 +00:00 An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file.
7.8
High
CVE-2020-13778 2020-10-19 10h54 +00:00 rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.
8.8
High
CVE-2020-10546 2020-06-04 01h25 +00:00 rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
9.8
Critical
CVE-2020-10547 2020-06-04 01h24 +00:00 rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
9.8
Critical
CVE-2020-10548 2020-06-04 01h24 +00:00 rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
9.8
Critical
CVE-2020-10549 2020-06-04 01h24 +00:00 rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
9.8
Critical
CVE-2020-10879 2020-03-23 20h44 +00:00 rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
9.8
Critical
CVE-2020-9425 2020-03-20 16h42 +00:00 An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application was not exiting after a redirect is applied, the rest of the page still executed, resulting in the disclosure of cleartext credentials in the response.
7.5
High
CVE-2020-10221 2020-03-08 21h03 +00:00 lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.
8.8
High
CVE-2020-10220 2020-03-07 21h37 +00:00 An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
9.8
Critical
CVE-2019-19372 2019-11-28 13h57 +00:00 A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.