An issue was discovered in rConfig... CVE-2019-16662

- AV AC AU C I A
发布: 2019-11-07
修订: 2019-11-20

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.

0%
当前有1条漏洞利用/PoC
产品及版本信息(CPE)暂不可用