Because the rootUname parameter is passed to the exec function without any filtering, an attacker can execute arbitrary system commands by sending a crafted GET request to ajaxServerSettingsChk.php. This was observed in rConfig 3.9.5.
We suggest updating rConfig to a version greater than 3.9.5 in order to fix this vulnerability.
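For defenders who cannot patch immediately, one detection approach is to scan web server access logs for requests to ajaxServerSettingsChk.php whose rootUname value falls outside the character set a legitimate username would use. The following is an added example written for this page, not code from rConfig or from the advisory author. It assumes combined-format access logs, an allow-list of username characters (letters, digits, `_ . @ -`) chosen here as an assumption, and constructed sample log lines; the directory in which the script lives is not given on this page, so the check matches on the file name only.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log lines (combined log format). The second request
# carries a rootUname value containing a shell metacharacter.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2020:10:00:00 +0000] "GET /ajaxServerSettingsChk.php?rootUname=root&rootPass=x HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2020:10:00:03 +0000] "GET /ajaxServerSettingsChk.php?rootUname=root%3Bexample&rootPass=x HTTP/1.1" 200 40
10.0.0.9 - - [01/Jan/2020:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 2048
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed allow-list for a system username; anything else is treated as suspicious.
USERNAME_OK = re.compile(r'^[A-Za-z0-9_.@-]{1,64}$')

# Only the file name is known from the advisory, so match on it regardless of directory.
TARGET_SCRIPT = "ajaxServerSettingsChk.php"


def check_request(target):
    """Return the list of rootUname values in `target` that fail the allow-list.

    An empty list means the request is either not for the vulnerable script
    or carries only allow-listed usernames.
    """
    parts = urlsplit(target)
    if parts.path.rsplit("/", 1)[-1] != TARGET_SCRIPT:
        return []
    # parse_qs percent-decodes values, so %3B is checked as ';'.
    query = parse_qs(parts.query, keep_blank_values=True)
    return [v for v in query.get("rootUname", []) if not USERNAME_OK.match(v)]


def find_suspicious_requests(log_text):
    """Scan access-log text and report requests with a non-allow-listed rootUname."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        for value in check_request(m.group("target")):
            hits.append({
                "ip": m.group("ip"),
                "timestamp": m.group("ts"),
                "method": m.group("method"),
                "rootUname": value,
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_requests(SAMPLE_LOG):
        print(f"{hit['timestamp']} {hit['ip']} {hit['method']} rootUname={hit['rootUname']!r}")
```

Run against the constructed sample, the scanner reports the single request from 10.0.0.9 whose decoded rootUname is `root;example`; the ordinary login check from 10.0.0.5 and the unrelated index.php request are not flagged. The same allow-list is what a server-side fix should enforce before the value ever reaches exec.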