Immunity, Inc.
Name: rconfig_ajaxserver_rce
CVE: CVE-2019-16662
Exploit Pack: CANVAS
Description: rconfig_ajaxserver_rce
Notes:
CVE Name: CVE-2019-16662
VENDOR: rConfig
NOTES:

The current exploit initializes a TCP server to serve the MOSDEF callback (port 8080).

IMPORTANT: The path text field must contain the path to the rConfig web app.


Tested on:
* CentOS7, rConfig v3.9.2

Repeatability: Infinite
References: https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/unpatched-remote-code-execution-rconfig-flaws-could-affect-millions-of-servers-and-network-devices
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-16662
Date public: 21/09/2019
