Vulnerabilities > Rconfig > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-06 CVE-2019-19509 OS Command Injection vulnerability in Rconfig 3.9.3
An issue was discovered in rConfig 3.9.3.
network
low complexity
rconfig CWE-78
8.8
2019-11-28 CVE-2019-19372 Path Traversal vulnerability in Rconfig
A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files.
network
low complexity
rconfig CWE-22
7.5
2019-11-21 CVE-2019-19207 SQL Injection vulnerability in Rconfig 3.9.2
rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.
network
low complexity
rconfig CWE-89
8.8
2019-10-28 CVE-2019-16663 OS Command Injection vulnerability in Rconfig 3.9.2
An issue was discovered in rConfig 3.9.2.
network
low complexity
rconfig CWE-78
8.8