CVE-2020-15713
N/A
N/A
Summary
rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/184939
- https://www.rconfig.com/downloads/v3-release-notes
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/184939
- https://www.rconfig.com/downloads/v3-release-notes
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.