EUVD-2020-18046

Malware in sbrugna...

CVE-2023-24366

An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request...

CVE-2022-44384

An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2021-29004

rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely...

CVE-2020-25351

An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote authenticated attackers to read files on the system via a crafted request sent to to the /lib/crud/configcompare.crud.php script...

CVE-2019-19372

A downloadFile.php downloadfile path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit...

CVE-2023-39109

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the patha parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

CVE-2023-39110

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the pathb parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the pathb parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

CVE-2022-45030

A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= this may interact with secure-file-priv...

CVE-2020-23149

The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information...

CVE-2020-23148

The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request...

rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) Exploit (2)

Exploit Title: rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated 2 Exploit Author: Vishwaraj Bhattrai Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: = v3.9.6 Tested against Server Host: Linux+XAMPP import...

CVE-2020-10548

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at June 04, 202...

CVE-2020-12256

rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php...

CVE-2020-12257

rConfig 3.9.4 is vulnerable to cross-site request forgery CSRF because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a form add a user, delete a user, or edit a user...

CVE-2020-12258

rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259...

CVE-2019-16663

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution...