THREAT OPS › CVEs › CVE-2020-10221
CVE-2020-10221 — rConfig OS Command Injection Vulnerability
rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.
Vulnerability details
- Affected productsrConfig
- KEV remediation due2022-05-03