|Category:||Web application abuses|
|Title:||rConfig <= 3.9.5 Multiple Vulnerabilities|
|Summary:||rConfig is prone to multiple vulnerabilities.|
rConfig is prone to multiple vulnerabilities.
rConfig is prone to multiple vulnerabilities:
- Remote code execution vulnerability due to improper validation in the file upload functionality (CVE-2020-12255)
- Multiple XSS vulnerabilities (CVE-2020-12256, CVE-2020-12259)
- CSRF vulnerability (CVE-2020-12257)
- Session fixation vulnerability (CVE-2020-12258)
rConfig version 3.9.5 and prior.
No known solution is available as of 19th May, 2020.
Information regarding this issue will be updated once solution details are available.
Common Vulnerability Exposure (CVE) ID: CVE-2020-12255|
Common Vulnerability Exposure (CVE) ID: CVE-2020-12256
Common Vulnerability Exposure (CVE) ID: CVE-2020-12257
Common Vulnerability Exposure (CVE) ID: CVE-2020-12258
Common Vulnerability Exposure (CVE) ID: CVE-2020-12259
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.