CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27466

An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://ssd-disclosure.com/ssd-advisory-rconfig-unauthenticated-rce/
https://ssd-disclosure.com/ssd-advisory-rconfig-unauthenticated-rce/

Products affected by CVE-2020-27466

Rconfig » Rconfig » Version: 3.9.6

cpe:2.3:a:rconfig:rconfig:3.9.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27466

Products

Pricing

Contact Us