The vulnerability of the commands.inc.php component of the rConfig configuration management tool for network devices stems from a lack of security measures in the SQL query structure. This allows attackers to execute arbitrary commands.
The vulnerability of the commands.inc.php component of the rConfig network device configuration management tool is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via a specially crafted GET...