rConfig

Recent CVEs (13 total)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-10221 | | | 0.22 | — | 0.91 | KEV | Mar 8, 2020 | lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. |
| CVE-2019-16662 | | | 0.11 | — | 0.94 | | Oct 28, 2019 | An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. |
| CVE-2019-19509 | | | 0.10 | — | 0.92 | | Jan 6, 2020 | An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution. |
| CVE-2019-16663 | | | 0.08 | — | 0.94 | | Oct 28, 2019 | An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution. |
| CVE-2022-44384 | | | 0.07 | — | 0.49 | | Nov 17, 2022 | An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file. |
| CVE-2023-39110 | | | 0.06 | — | 0.80 | | Aug 1, 2023 | rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs. |
| CVE-2023-39108 | | | 0.06 | — | 0.78 | | Aug 1, 2023 | rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs. |
| CVE-2023-39109 | | | 0.06 | — | 0.78 | | Aug 1, 2023 | rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs. |
| CVE-2022-45030 | | | 0.03 | — | 0.00 | | Apr 15, 2023 | A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv). |
| CVE-2019-19207 | | | 0.01 | — | 0.07 | | Nov 21, 2019 | rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. |
| CVE-2023-24366 | | | 0.00 | — | 0.01 | | Mar 27, 2023 | An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request. |
| CVE-2019-19585 | | | 0.00 | — | 0.00 | | Jan 6, 2020 | An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local… |
| CVE-2019-19372 | | | 0.00 | — | 0.00 | | Nov 28, 2019 | A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit." |