Guard against rConfig
CVE-2019-16622
Network configuration management utility, rConfig is vulnerable to unauthenticated remote command execution
(Vulnerable version: rConfig version prior to 3.9.2)
rConfig is the popular network management utility for IT staffs to take multiple configuration snapshots of their networks devices.
A cybersecurity researcher, Mohammad Askar, has recently published details and proof-of-concept exploits for unpatched, critical remote code execution vulnerabilities in the rConfig utility, one of which could allow unauthenticated remote attackers to compromise targeted servers, and connected network devices.
Impact:
The unauthenticated RCE in “ajaxServerSettingsChk.php” allows an attacker to directly execute system commands through a GET request. Command execution is possible due to the “rootUname” parameter being passed to the exec function without filtering
Mitigation (On Host Device):
For hosts: Update to rConfig version 3.9.3 will mitigate this vulnerability.
Mitigation (On Network):
Deploy advanced protection
Zyxel ZyWALL USG/ATP serial firewall uses its IDP security features to block the network attacks.
Update to the latest version of IDP signature and then enable the IDP function to protect your host.
Revision history
2020-1-16: Initial release
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight