.. / CVE-2020-10549

Exploit for rConfig <=3.9.4 - SQL Injection (CVE-2020-10549)

Description:

rConfig 3.9.4 and prior has unauthenticated snippets.inc.php SQL injection. Because nodes’ passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.

Nuclei Template

View the template here CVE-2020-10549.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-10549.yaml

References:

https://github.com/Elsfa7-110/kenzer-templates
https://github.com/ARPSyndicate/kenzer-templates
https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/
https://github.com/theguly/exploits/blob/master/CVE-2020-10549.py
https://nvd.nist.gov/vuln/detail/CVE-2020-10549

.. / CVE-2020-10549 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for rConfig <=3.9.4 - SQL Injection (CVE-2020-10549)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-10549