9.8CVSS
9.4AI Score
0.002EPSS
Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration...
9.8CVSS
9.8AI Score
0.006EPSS
Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine...
9.8CVSS
9.8AI Score
0.003EPSS
reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via...
8.8CVSS
8.1AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS