CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-10220

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile16.24th
Published2020年3月7日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.

Affected Platforms (CPE)

📦
Rconfig

Rconfig

<= 3.9.4

References & Advisories

🔗 http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html
🔗 http://packetstormsecurity.com/files/156766/Rconfig-3.x-Chained-Remote-Code-Execution.html
🔗 http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html
🔗 https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_CVE-2020-10220.py
🔗 https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_sqli.py
🔗 http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html
🔗 http://packetstormsecurity.com/files/156766/Rconfig-3.x-Chained-Remote-Code-Execution.html
🔗 http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html

相關漏洞威脅

CVE-2020-157159.9

rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the sear...

CVE-2020-105469.8

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' pass...

CVE-2019-166629.8

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerS...

CVE-2020-108799.8

rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parame...