rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the search.crud.php script. An attacker could exploit this vulnerability using the nodeId parameter.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/184941 | Third Party Advisory VDB Entry |
https://www.rconfig.com/downloads/v3-release-notes | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-28T13:04:09
Updated: 2020-07-28T13:04:09
Reserved: 2020-07-14T00:00:00
Link: CVE-2020-15715
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-28T14:15:13.733
Modified: 2020-07-28T15:05:42.597
Link: CVE-2020-15715
JSON object: View
Redhat Information
No data.
CWE