Guard against rConfig
CVE-2019-16622
rConfig, a network configuration management utility, is vulnerable to unauthenticated remote command execution.
(Vulnerable version: rConfig versions prior to 3.9.2)
rConfig is a popular network management utility that IT staff use to take multiple configuration snapshots of their network devices.
A cybersecurity researcher, Mohammad Askar, has recently published details and proof-of-concept exploits for unpatched, critical remote code execution vulnerabilities in the rConfig utility, one of which could allow unauthenticated remote attackers to compromise targeted servers and connected network devices.
Impact:
The unauthenticated RCE in “ajaxServerSettingsChk.php” allows an attacker to directly execute system commands through a GET request. Command execution is possible because the “rootUname” parameter is passed to the exec function without filtering.
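One way to look for attempts against this parameter in web server access logs, as an added example that is not part of the original advisory. It assumes Combined Log Format and that legitimate `rootUname` values are plain account names; the log lines and the `/PLACEHOLDER/` directory are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: client ip ... "METHOD target PROTOCOL" status
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Assumption: a legitimate account name uses only these characters.
SAFE_UNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,32}")
ENDPOINT = "/ajaxserversettingschk.php"

# Constructed sample lines (documentation IP ranges, placeholder directory).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Jan/2020:10:00:01 +0000] '
    '"GET /PLACEHOLDER/ajaxServerSettingsChk.php?rootUname=root HTTP/1.1" 200 12',
    '198.51.100.7 - - [16/Jan/2020:10:00:05 +0000] '
    '"GET /PLACEHOLDER/ajaxServerSettingsChk.php?rootUname=x%3BCMD HTTP/1.1" 200 12',
    '198.51.100.7 - - [16/Jan/2020:10:00:09 +0000] '
    '"GET /index.php?rootUname=x%3BCMD HTTP/1.1" 404 0',
]

def suspicious_requests(log_lines):
    """Return (client_ip, status, decoded rootUname) for each flagged request."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith(ENDPOINT):
            continue  # only the endpoint named in the advisory
        # parse_qs percent-decodes values, so encoded metacharacters
        # (%3B, %7C, %60, %0A ...) are compared in decoded form.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("rootUname", []):
            # fullmatch rejects anything outside the allow-list, including
            # a trailing newline that a "$" anchor would let through.
            if not SAFE_UNAME_RE.fullmatch(value):
                hits.append((m.group("ip"), int(m.group("status")), value))
    return hits

if __name__ == "__main__":
    for ip, status, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {ip} status={status} rootUname={value!r}")
```

A flagged request that returned status 200 from a host still running a vulnerable version deserves follow-up on that server, not just a block of the source address.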
Mitigation (On Host Device):
For hosts: Updating to rConfig version 3.9.3 will mitigate this vulnerability.
Mitigation (On Network):
Deploy advanced protection
Zyxel ZyWALL USG/ATP series firewalls use their IDP security features to block the network attacks.
Update to the latest version of the IDP signatures and then enable the IDP function to protect your host.
Revision history
2020-1-16: Initial release