CVE-2020-13638 · Vexday

CVE-2020-13638

EPSS 76.8%

lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. This issue has been fixed in 3.9.7.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/