what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

CVE-2020-10220

Status Candidate

Overview

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.

Related Files

rConfig 3.9.4 searchField Remote Code Execution: Posted Mar 28, 2020; Authored by vikingfr; rConfig version 3.9.4 searchField unauthenticated remote root code execution exploit.; tags | exploit, remote, root, code execution; advisories | CVE-2019-19509, CVE-2019-19585, CVE-2020-10220; SHA-256 | 286d169b9325c701681f3ca01b90d56974a51fe70471f6d1ba94a2d175b1f7a8; Download | Favorite | View

Rconfig 3.x Chained Remote Code Execution: Posted Mar 16, 2020; Authored by Orange Cyberdefense, Jean-Pascal Thomas | Site metasploit.com; This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the payload. Valid credentials for a user with administrative privileges are required . However, this module can bypass authentication via SQL injection.; tags | exploit, web, sql injection; advisories | CVE-2019-19509, CVE-2020-10220; SHA-256 | 0b63805ab8f2162cb70c5931c392c85432cadbdd98208528d5861e068261cd6c; Download | Favorite | View

rConfig 3.9 SQL Injection: Posted Mar 11, 2020; Authored by vikingfr; rConfig version 3.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2020-10220; SHA-256 | a8428e6dd617bc7a6966d1ff349fff0c9d819ba218d51a40871dcbe6a40f4dac; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec