module
rConfig install Command Execution
| Disclosed |
|---|
| Oct 28, 2019 |
Disclosed
Oct 28, 2019
Description
This module exploits an unauthenticated command injection vulnerability
in rConfig versions 3.9.2 and prior. The `install` directory is not
automatically removed after installation, allowing unauthenticated users
to execute arbitrary commands via the `ajaxServerSettingsChk.php` file
as the web server user.
This module has been tested successfully on rConfig version 3.9.2 on
CentOS 7.7.1908 (x64).
in rConfig versions 3.9.2 and prior. The `install` directory is not
automatically removed after installation, allowing unauthenticated users
to execute arbitrary commands via the `ajaxServerSettingsChk.php` file
as the web server user.
This module has been tested successfully on rConfig version 3.9.2 on
CentOS 7.7.1908 (x64).
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.