Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rconfig rconfig 3.9.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2019-19268
Multiple attack vectors in rConfig v3.9.2 due to misconfiguration, which allows local users to execute root commands via sudo. The Sudo configuration in rConfig 3.9.2 gives the apache user access to execute the /usr/bin/zip, /bin/chmod, and /usr/bin/tail programs as root. This ca...
1 Github repository
6.5
CVSSv2
CVE-2019-19207
rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.
Rconfig Rconfig 3.9.2
10
CVSSv2
CVE-2019-16662
An issue exists in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.2
2 EDB exploits
4 Github repositories
9
CVSSv2
CVE-2019-16663
An issue exists in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.2
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started