PT-2020-13676 · Rconfig · Rconfig

Vikingfr

Published

2020-10-19

Updated

2022-06-15

CVE-2020-13778

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions rConfig versions 3.9.4 and earlier

Description The issue allows authenticated code execution of system commands by sending a forged GET request to specific API endpoints, such as "lib/ajaxHandlers/ajaxAddTemplate.php" or "lib/ajaxHandlers/ajaxEditTemplate.php".

Recommendations For versions 3.9.4 and earlier, consider disabling access to the "lib/ajaxHandlers/ajaxAddTemplate.php" and "lib/ajaxHandlers/ajaxEditTemplate.php" API endpoints until a patch is available. Restrict authenticated users' ability to send forged GET requests to these endpoints to minimize the risk of exploitation.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2020-13778

Affected Products

Rconfig

PT-2020-13676 · Rconfig · Rconfig

CVE-2020-13778

Weakness Enumeration

Related Identifiers

Affected Products

References · 6