Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2021-29004

Published: 11/10/2021 Updated: 16/10/2021
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Rconfig

Vulnerability Summary

rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rconfig rconfig 3.9.6

Github Repositories

https://github.com/mrojz/rconfig-exploit

rconfig-exploit For POC CVE-2021-29004: Execute sqlmap -r CVE-2021-29004-POC-reqtxt Don't forget to update your cookies on all the pocs

References

CWE-89https://rconfig.comhttps://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29004-POC-req.txthttps://github.com/mrojz/rconfig-exploit/blob/main/README.mdhttp://rconfig.comhttps://nvd.nist.govhttps://github.com/mrojz/rconfig-exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook