Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-12258

rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
Products affected by CVE-2020-12258
  • Rconfig » Rconfig » Version: 3.9.4
    cpe:2.3:a:rconfig:rconfig:3.9.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved