8 matches found
CVE-2020-10546
creationtimestamp| type| source ---|---|--- 2026-03-17 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2026-03-17 2026-06-19 12:45:37+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0763b7df-d24c-42f4-84b1-024b970185f7...
VulnCheck KEV: CVE-2020-10546
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...
rConfig SQL Injection (CVE-2020-10546; CVE-2020-10547; CVE-2020-10548; CVE-2020-10549)
An SQL injection vulnerability exists in rConfig. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
rConfig <= 3.9.4 Multiple SQL Injection Vulnerabilities
rConfig is prone to multiple SQL injection vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2020-10546
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...
CVE-2020-10546
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...
CVE-2020-10546
rConfig 3.9.4 and earlier versions are affected by an unauthenticated SQL injection in compliancepolicies.inc.php. The underlying issue is that passwords are stored in plaintext by default, enabling an attacker to execute arbitrary SQL queries and potentially move laterally to access monitored ne...
CVE-2020-10546
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at...