Vulnerabilities

CVE-2020-15714

by Fred · 28/07/2020

rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.crud.php script using the custom_Location parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database.

Date published : 2020-07-28

https://exchange.xforce.ibmcloud.com/vulnerabilities/184940

https://www.rconfig.com/downloads/v3-release-notes

Similar

Tags: Cybersecurity Alert