rConfig, the open source network device configuration management tool, Vulnerable to Local File Inclusion

June 2, 2016 007admin

Posted by Gregory Pickett on Jun 02

Title
===================
rConfig, the open source network device configuration management tool, Vulnerable to Local File Inclusion

Summary
===================
rConfig, the open source network device configuration management tool, is vulnerable to local file inclusion in
/lib/crud/downloadFile.php. downloadFile.php allows authenticated users to download any file on the server.

Affected Products
===================
rConfig 3.1.1 and earlier…

007 Software

rConfig, the open source network device configuration management tool, Vulnerable to Local File Inclusion

Software and Security Information