Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2019/11/05 12:0 a.m.37 views

rConfig Remote Code Execution (CVE-2019-16662; CVE-2019-16663)

A remote code execution vulnerability exists in rConfig. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.97702EPSS
Exploits11
OpenVAS
OpenVAS
added 2019/11/05 12:0 a.m.33 views

rConfig < 3.9.3 Multiple RCE Vulnerabilities - Version Check

rConfig is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS9.7AI score0.97702EPSS
Exploits11References3
The Hacker News
The Hacker News
added 2019/11/03 12:51 p.m.103 views

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote...

10CVSS1.2AI score0.97702EPSS
Exploits11
NVD
NVD
added 2019/10/28 12:15 p.m.16 views

CVE-2019-16663

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution...

9CVSS8.9AI score0.84696EPSS
Exploits11References5
CVE
CVE
added 2019/10/28 11:53 a.m.123 views

CVE-2019-16663

CVE-2019-16663 affects rConfig 3.9.2. An attacker can directly execute system commands by issuing a GET to search.crud.php, where the category command parameter (catCommand) is passed to exec without proper filtering, enabling command execution. The description specifies remote code execution via...

9CVSS9.3AI score0.97702EPSS
Exploits11References5Affected Software1
Rows per page
Query Builder