返回 CVE 浏览器

CVE-2020-10879

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0910%

EPSS Percentile14.26th

Published2020年3月23日

Last Modified2024年11月21日

Vulnerability Description

rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.

Affected Platforms (CPE)

📦

Rconfig

Rconfig

< 3.9.5

References & Advisories

🔗 https://github.com/rconfig/rconfig/commit/3385f906427d228c48b914625136bf620f4ca0a9

🔗 https://www.exploit-db.com/exploits/48241

🔗 https://github.com/rconfig/rconfig/commit/3385f906427d228c48b914625136bf620f4ca0a9

🔗 https://www.exploit-db.com/exploits/48241

相关漏洞威胁

CVE-2020-157159.9

rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the sear...

CVE-2020-105469.8

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' pass...

CVE-2019-166629.8

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerS...

CVE-2020-102209.8

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchCol...