Security Advisory

CVE-2020-13778

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-19 12:54:26

Last updated 2024-08-04 12:25:16

Assigner mitre

State PUBLISHED

Description

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.

← Browse all CVEs View on cve.org ↗