Critical severity9.8NVD Advisory· Published Mar 23, 2020· Updated Jun 17, 2026
CVE-2020-10879
CVE-2020-10879
Description
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- rConfig/rConfigdescription
Patches
Vulnerability mechanics
References
2- github.com/rconfig/rconfig/commit/3385f906427d228c48b914625136bf620f4ca0a9nvdPatch
- www.exploit-db.com/exploits/48241nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.