rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-05-18T14:05:12

Updated: 2024-08-04T11:48:58.362Z

Reserved: 2020-04-26T00:00:00

Link: CVE-2020-12255

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-05-18T15:15:10.880

Modified: 2024-11-21T04:59:23.353

Link: CVE-2020-12255

cve-icon Redhat

No data.