Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.9 views

CVE-2020-10547

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.8CVSS7.6AI score0.36114EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2021/12/22 12:0 a.m.33 views

rConfig SQL Injection (CVE-2020-10546; CVE-2020-10547; CVE-2020-10548; CVE-2020-10549)

An SQL injection vulnerability exists in rConfig. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.4AI score0.8733EPSS
Exploits4
OpenVAS
OpenVAS
added 2020/06/08 12:0 a.m.175 views

rConfig <= 3.9.4 Multiple SQL Injection Vulnerabilities

rConfig is prone to multiple SQL injection vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.8CVSS9.9AI score0.8733EPSS
Exploits4References4
CVE
CVE
added 2020/06/04 3:24 a.m.110 views

CVE-2020-10547

Affected software: rConfig (3.9.4 and earlier). Root cause: unauthenticated SQL injection in compliancepolicyelements.inc.php; vulnerability stems from plaintext storage of node passwords by default. Impact: allows execution of arbitrary SQL queries and lateral movement to gain access to monitore...

9.8CVSS9.8AI score0.36114EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.18 views

CVE-2020-10547

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: thegul...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
Rows per page
Query Builder