Critical Remote Code Execution Flaw Found in Open Source rConfig Utility
#1
Information 
Quote:The network configuration management utility has two unpatched critical remote code execution vulnerabilities.

Two bugs in the network configuration utility rConfig have been identified, both allowing remote code execution on affected systems. Worse, one is rated critical and allows for a user to attack a system remotely – sans authentication.
 
RConfig is a free open-source configuration management utility used by over 7,000 network engineers to take snapshots of over 7 million network devices, according the project’s website.
 
The vulnerabilities (CVE-2019-16663CVE-2019-16662) are both tied to rConfig version 3.9.2. The more serious of the two vulnerabilities (CVE-2019-16662) allows an attacker to execute system commands on affected devices via GET requests, which can lead to command

Read more: https://threatpost.com/critical-rce-flaw...ig/149847/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Critical Remote Code Execution Flaw Found in Open Source rConfig Utility - by silversurfer - 04 November 19, 18:25

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Internet Download Manager 6.32 Build 9
Internet Download ...Kool — 04:56
AdGuard VPN for Windows 2.9.5 & 2.9.6
AdGuard VPN for Wi...harlan4096 — 10:11
Waterfox 6.6.16
Waterfox 6.6.16 ...harlan4096 — 10:07
Bittorrent v5.2.3
qBittorrent v5.2.3...harlan4096 — 10:06
Google Chrome 150.0.7871.100/.101
Google Chrome 150....harlan4096 — 10:05

[-]
Birthdays
Today's Birthdays
avatar (51)spoofTum
Upcoming Birthdays
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (39)boineDon
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>