Vulnerabilities (CVE)

Filtered by vendor Rconfig Subscribe
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-39110 1 Rconfig 1 Rconfig 2024-11-21 N/A 8.8 HIGH
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
CVE-2023-39109 1 Rconfig 1 Rconfig 2024-11-21 N/A 8.8 HIGH
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
CVE-2023-39108 1 Rconfig 1 Rconfig 2024-11-21 N/A 8.8 HIGH
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
CVE-2023-24366 1 Rconfig 1 Rconfig 2024-11-21 N/A 6.5 MEDIUM
An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request.
CVE-2022-45030 1 Rconfig 1 Rconfig 2024-11-21 N/A 8.8 HIGH
A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv).
CVE-2022-44384 1 Rconfig 1 Rconfig 2024-11-21 N/A 8.8 HIGH
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2021-29006 1 Rconfig 1 Rconfig 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An authenticated user may successfully download any file on the server.
CVE-2021-29005 1 Rconfig 1 Rconfig 2024-11-21 9.0 HIGH 8.8 HIGH
Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server.
CVE-2021-29004 1 Rconfig 1 Rconfig 2024-11-21 6.5 MEDIUM 8.8 HIGH
rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely.
CVE-2020-9425 1 Rconfig 1 Rconfig 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application was not exiting after a redirect is applied, the rest of the page still executed, resulting in the disclosure of cleartext credentials in the response.
CVE-2020-27466 1 Rconfig 1 Rconfig 2024-11-21 6.8 MEDIUM 7.8 HIGH
An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file.
CVE-2020-27464 1 Rconfig 1 Rconfig 2024-11-21 6.8 MEDIUM 7.8 HIGH
An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file.
CVE-2020-25359 1 Rconfig 1 Rconfig 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An arbitrary file deletion vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability gave attackers the ability to send a crafted request to /lib/ajaxHandlers/ajaxDeleteAllLoggingFiles.php by specifying a path in the path parameter and an extension in the ext parameter and delete all the files with that extension in that path.
CVE-2020-25353 1 Rconfig 1 Rconfig 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to the machine via the deviceIpAddr and connPort parameters.
CVE-2020-25352 1 Rconfig 1 Rconfig 2024-11-21 3.5 LOW 5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in the /devices.php function inrConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote attackers to perform arbitrary Javascript execution through entering a crafted payload into the 'Model' field then saving.
CVE-2020-25351 1 Rconfig 1 Rconfig 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote authenticated attackers to read files on the system via a crafted request sent to to the /lib/crud/configcompare.crud.php script.
CVE-2020-23151 1 Rconfig 1 Rconfig 2024-11-21 7.5 HIGH 9.8 CRITICAL
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped.
CVE-2020-23150 1 Rconfig 1 Rconfig 2024-11-21 5.0 MEDIUM 7.5 HIGH
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.
CVE-2020-23149 1 Rconfig 1 Rconfig 2024-11-21 5.0 MEDIUM 7.5 HIGH
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.
CVE-2020-23148 1 Rconfig 1 Rconfig 2024-11-21 5.0 MEDIUM 7.5 HIGH
The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request.