2021-08-20 18:10:54
mitre
PUBLISHED
An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file.