Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2019-19268

Vulnerability Summary

Multiple attack vectors in rConfig v3.9.2 due to misconfiguration, which allows local users to execute root commands via sudo. The Sudo configuration in rConfig 3.9.2 gives the apache user access to execute the /usr/bin/zip, /bin/chmod, and /usr/bin/tail programs as root. This can be used for remote code execution in conjunction with CVE-2019-16662 and CVE-2019-16663.

Vulnerability Trend

Github Repositories

https://github.com/TheCyberGeek/CVE-2019-19268

New Found 0-days!

CVE-2019-19268 Affected Version: rConfig 392 [Description] Multiple attack vectors in rConfig v392 due to misconfiguration, which allows local users to execute root commands via sudo [Discoverers] dmw0ng - Discord: dmw0ng#4449 TheCyberGeek - Discord: TheCyberGeek#1892 Email: cybergeek19@protonmailcom The Sudo configuration in rConfig 392 gives the apache user access

References

https://github.com/TheCyberGeek/CVE-2019-19268
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook