rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-18T14:05:12
Updated: 2024-08-04T11:48:58.362Z
Reserved: 2020-04-26T00:00:00
Link: CVE-2020-12255
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-05-18T15:15:10.880
Modified: 2024-11-21T04:59:23.353
Link: CVE-2020-12255
Redhat
No data.