CVE-2020-10221: rConfig OS Command Injection Vulnerability. rConfig

rConfig OS Command Injection Vulnerability. rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.

• CISA KEV-listed (remediation due 2022-05-03)
• EPSS 91.4% (99.7% percentile)

Browse the CVE database

Read the full analysis on IntelFusions