Vulnerabilities > CVE-2020-25353 - Server-Side Request Forgery (SSRF) vulnerability in Rconfig 3.9.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to the machine via the deviceIpAddr and connPort parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |