Lucene search
K

8 matches found

Circl
Circl
added 2026/03/17 12:0 a.m.4 views

CVE-2020-10546

creationtimestamp| type| source ---|---|--- 2026-03-17 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2026-03-17 2026-06-19 12:45:37+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0763b7df-d24c-42f4-84b1-024b970185f7...

9.8CVSS7.3AI score0.8733EPSS
In wildExploits1References3
VulnCheck KEV
VulnCheck KEV
added 2023/11/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-10546

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.8CVSS7.3AI score0.8733EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2021/12/22 12:0 a.m.9 views

rConfig SQL Injection (CVE-2020-10546; CVE-2020-10547; CVE-2020-10548; CVE-2020-10549)

An SQL injection vulnerability exists in rConfig. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.4AI score0.8733EPSS
Exploits4
OpenVAS
OpenVAS
added 2020/06/08 12:0 a.m.169 views

rConfig <= 3.9.4 Multiple SQL Injection Vulnerabilities

rConfig is prone to multiple SQL injection vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.8CVSS9.9AI score0.8733EPSS
Exploits4References4
NVD
NVD
added 2020/06/04 4:15 a.m.13 views

CVE-2020-10546

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.8CVSS9.8AI score0.8733EPSS
Exploits1References2
OSV
OSV
added 2020/06/04 4:15 a.m.5 views

CVE-2020-10546

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.8CVSS7.3AI score0.8733EPSS
Exploits1References2
CVE
CVE
added 2020/06/04 3:25 a.m.104 views

CVE-2020-10546

rConfig 3.9.4 and earlier versions are affected by an unauthenticated SQL injection in compliancepolicies.inc.php. The underlying issue is that passwords are stored in plaintext by default, enabling an attacker to execute arbitrary SQL queries and potentially move laterally to access monitored ne...

9.8CVSS9.8AI score0.8733EPSS
In wildExploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.19 views

CVE-2020-10546

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
Rows per page
Query Builder