Medium severity6.5NVD Advisory· Published Aug 20, 2021· Updated Jun 17, 2026
CVE-2020-25353
CVE-2020-25353
Description
A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to the machine via the deviceIpAddr and connPort parameters.
Affected products
2- rConfig/rConfigdescription
Patches
Vulnerability mechanics
References
1- stark0de.com/2020/08/27/pwning-rconfig-part-one.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.