An issue was discovered in rConfig... CVE-2019-16662

- AV AC AU C I A
发布: 2019-09-21
修订: 2020-06-01

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.

0%
当前有2条漏洞利用/PoC
产品及版本信息(CPE)暂不可用