CVE-2019-19585
- Reference to the description:
- Description:
- An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.
- Last updated date:
- 01/31/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/28/2020
- Reference url to background
https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_lpe.sh
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/28/2020
- Reference url to background
https://raw.githubusercontent.com/v1k1ngfr/exploits/master/rconfig_lpe.sh?token=
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 01/31/2023
- Reference url to background
http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html