Network security specialists reported the finding of two critical vulnerabilities in rConfig, an open source utility for network device management widely used by system administrators.
One of these two vulnerabilities poses a high risk to network deployments in enterprise environments, so administrators need to consider this threat. In addition, the existence of public exploits for both failures adds more complexity to this drawback. Below is a brief report of the flaws found, alongside with their respective CVSS keys.
CVE-2019-19509: Exploiting this vulnerability allows remote threat actors to execute arbitrary shell commands on the target operating system. According to the report, the flaw exists due to the absence of filtering of user-supplied data passed to the ajaxArchiveFiles.php script. An exploit has been reported for this vulnerability.
An authenticated user could send a specially crafted HTTP GET request to the vulnerable script and complete the execution of arbitrary commands on the system. There is still no correction for this vulnerability, although it should be noted that the risk of exploitation is low.
CVE-2020-10220: On the other hand, this is a SQL injection vulnerability that a remote hacker could exploit to execute arbitrary queries against the target database. Experts mention that this flaw exists due to insufficient debugging of user input and that it is passed using the command.inc.php searchColumn parameter.
According to the report, an unauthenticated remote threat actor could send the specially crafted request to the exposed application and then execute arbitrary SQL commands. Unlike the first reported flaw, this is a high severity security vulnerability, which could be exploited to access, modify and delete the information stored in the affected database; the flaw would even allow threat actors to gain complete control over the vulnerable application.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.