.. / CVE-2020-10548

Exploit for rConfig 3.9.4 - SQL Injection (CVE-2020-10548)

Description:

rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because nodes’ passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.

Nuclei Template

View the template here CVE-2020-10548.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-10548.yaml

References:

https://github.com/Elsfa7-110/kenzer-templates
https://github.com/theguly/exploits/blob/master/CVE-2020-10548.py
https://github.com/ARPSyndicate/kenzer-templates
https://nvd.nist.gov/vuln/detail/CVE-2020-10548
https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/

.. / CVE-2020-10548 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for rConfig 3.9.4 - SQL Injection (CVE-2020-10548)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-10548