rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rconfig rconfig 3.9.5 |