CVE-2021-29005
CVE-2021-29005 affects the rConfig server (version 3.9.6). The root cause is an insecure permission setup around the chmod command, allowing an Apache user to run chmod as root without a password after installation. This can let a low-privilege attacker gain root access on the server. The connect...