rConfig SQLi Vulnerability CVE-2020-10548 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

rConfig SQLi Vulnerability CVE-2020-10548 Scanner Detail

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection.

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.

Some Advice for Common Problems

Update your rConfig Software, to the latest version to eliminate this vulnerability.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service