Vulnerabilities > Rconfig

DATE CVE VULNERABILITY TITLE RISK
2020-01-06 CVE-2019-19509 OS Command Injection vulnerability in Rconfig 3.9.3
An issue was discovered in rConfig 3.9.3.
network
low complexity
rconfig CWE-78
critical
9.0
2019-11-28 CVE-2019-19372 Path Traversal vulnerability in Rconfig
** DISPUTED ** A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files.
network
low complexity
rconfig CWE-22
5.0
2019-11-21 CVE-2019-19207 SQL Injection vulnerability in Rconfig 3.9.2
rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.
network
low complexity
rconfig CWE-89
6.5
2019-10-28 CVE-2019-16663 OS Command Injection vulnerability in Rconfig 3.9.2
An issue was discovered in rConfig 3.9.2.
network
low complexity
rconfig CWE-78
critical
9.0
2019-10-28 CVE-2019-16662 OS Command Injection vulnerability in Rconfig 3.9.2
An issue was discovered in rConfig 3.9.2.
network
low complexity
rconfig CWE-78
critical
10.0