CVE-2020-10221

⚠ KEVEPSS 91.4%

rConfig OS Command Injection Vulnerability

Added to CISA KEV: 11/3/2021

Description

rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.

Affected packages (0)

No package mapping in OSV.