2 matches found
The vulnerability of the commands.inc.php component of the rConfig configuration management tool for network devices stems from a lack of security measures in the SQL query structure. This allows attackers to execute arbitrary commands.
The vulnerability of the commands.inc.php component of the rConfig network device configuration management tool is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via a specially crafted GET...
rConfig SQL Injection Vulnerability (CNVD-2020-16098)
rConfig is an open source network device configuration management utility . A SQL injection vulnerability exists in the web interface of rConfig 3.94 and earlier versions. An attacker can exploit this vulnerability with a SQL injection attack via the commands.inc.php searchColumn parameter...