Vulnerability Description
rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rconfig | Rconfig | <= 3.9.4 |
Related Weaknesses (CWE)
References
- https://github.com/theguly/exploits/blob/master/CVE-2020-10549.pyExploitThird Party Advisory
- https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/ExploitThird Party Advisory
- https://github.com/theguly/exploits/blob/master/CVE-2020-10549.pyExploitThird Party Advisory
- https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/ExploitThird Party Advisory
FAQ
What is CVE-2020-10549?
CVE-2020-10549 is a vulnerability with a CVSS score of 9.8 (CRITICAL). rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, gra...
How severe is CVE-2020-10549?
CVE-2020-10549 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-10549?
Check the references section above for vendor advisories and patch information. Affected products include: Rconfig Rconfig.