Main Vulnerability Database Vulnerabilities #VU34903

#VU34903 Improper Privilege Management in rConfig - CVE-2019-19585

Published: January 6, 2020 / Updated: June 17, 2021

Vulnerability identifier: #VU34903

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2019-19585

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
rConfig

Software vendor:
rConfig

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.

Remediation

Install update from vendor's website.

External links

http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html
https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_lpe.sh
https://raw.githubusercontent.com/v1k1ngfr/exploits/master/rconfig_lpe.sh?token=

#VU34903 Improper Privilege Management in rConfig - CVE-2019-19585

Description

Remediation

External links

Please verify you're human