4 matches found
rConfig <= 3.9.6 Multiple Vulnerabilities
rConfig is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-23151
creationtimestamp| type| source ---|---|--- 2021-08-10 02:50:56+00:00| seen| https://t.me/cibsecurity/27042...
CVE-2020-23151
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped...
CVE-2020-23151
CVE-2020-23151 concerns rConfig 3.9.5, where a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php can trigger command injection because the path parameter is passed directly to exec without escaping. Multiple sources (Red Hat, NVD, CNNVD, PRION, OpenVAS, CVE list) corroborate this singl...