CVE-2023-39108
Published 2023-08-01
Priority P2 · 59 · high · CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EXPLOIT
EPSS: 2.96% (85.5th percentile)
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rconfig | rconfig | — | — |
Detection & IOCs (extracted from sources)
- Detect SSRF exploitation attempts by monitoring GET requests to /lib/crud/configcompare.crud.php with a path_b parameter containing a file:// or http:// URI scheme.
- A successful exploitation response body will contain the string matching root:.*:0:0: (i.e., /etc/passwd content), indicating local file read via SSRF.
- Shodan/FOFA fingerprinting for exposed rConfig instances can be performed using the HTTP title 'rConfig' or 'rconfig'.
- The attack requires prior authentication; monitor for a login POST to /lib/crud/userprocess.php followed immediately by a request to /lib/crud/configcompare.crud.php with a file:// or external URL in path_b.
- Exploitation requires valid credentials (authenticated attacker); unauthenticated scanning will not trigger the vulnerable code path.
- The vulnerability is specific to rConfig version 3.9.4; the CPE scope is cpe:2.3:a:rconfig:rconfig:3.9.4.
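As an added example (not from the advisory, the Nuclei template, or rConfig itself), the following script applies the detection logic above to constructed combined-format access-log lines: it flags GET requests to /lib/crud/configcompare.crud.php whose path_b carries a file:// or http(s):// scheme, marks those that follow a login POST to /lib/crud/userprocess.php from the same client, and separately checks a response body for the root:.*:0:0: marker. The five-minute login window, the log format and every sample line are assumptions; it also decodes path_b twice so a double-encoded scheme is not missed.

```python
"""Detection for CVE-2023-39108 (rConfig 3.9.4 SSRF) exploitation attempts.

Added example, not code from the advisory or from rConfig. Assumes Apache/nginx
combined log format; the LOGIN_WINDOW and the sample log lines are constructed.
"""
import re
from datetime import datetime, timedelta
from urllib.parse import parse_qs, unquote, urlsplit

# Combined log format: ip ident user [ts] "METHOD target proto" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
LOGIN_PATH = "/lib/crud/userprocess.php"          # from the advisory's IOC list
COMPARE_PATH = "/lib/crud/configcompare.crud.php"  # from the advisory's IOC list
SUSPICIOUS_SCHEMES = ("file", "http", "https")
PASSWD_RE = re.compile(r"root:.*:0:0:")            # /etc/passwd marker from the IOC list
LOGIN_WINDOW = timedelta(minutes=5)                # assumption: "followed immediately"

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Aug/2023:12:00:01 +0000] "POST /lib/crud/userprocess.php HTTP/1.1" 302 0',
    '198.51.100.7 - - [01/Aug/2023:12:00:05 +0000] "GET /lib/crud/configcompare.crud.php?path_a=configs%2Fsw1.cfg&path_b=file%3A%2F%2F%2Fetc%2Fpasswd HTTP/1.1" 200 1523',
    '203.0.113.9 - - [01/Aug/2023:12:01:00 +0000] "GET /lib/crud/configcompare.crud.php?path_a=configs%2Fsw1.cfg&path_b=configs%2Fsw2.cfg HTTP/1.1" 200 900',
    '203.0.113.9 - - [01/Aug/2023:12:02:00 +0000] "GET /lib/crud/configcompare.crud.php?path_b=http%3A%2F%2F203.0.113.50%2Fx HTTP/1.1" 200 300',
    'garbage line that does not parse',
]


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def path_b_scheme(target):
    """Return the URI scheme of path_b if it is file/http/https, else None.

    parse_qs decodes once; the extra unquote catches a double-encoded value.
    """
    query = urlsplit(target).query
    for value in parse_qs(query).get("path_b", []):
        value = unquote(value).strip().lower()
        scheme = value.split(":", 1)[0] if ":" in value else ""
        if scheme in SUSPICIOUS_SCHEMES:
            return scheme
    return None


def body_indicates_file_read(body):
    """True when a response body carries the /etc/passwd root entry marker."""
    return bool(PASSWD_RE.search(body))


def scan_log(lines):
    """Return one finding per suspicious compare request, noting a preceding login."""
    last_login = {}   # client ip -> timestamp of most recent login POST
    findings = []
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue
        path = urlsplit(rec["target"]).path
        if rec["method"] == "POST" and path == LOGIN_PATH:
            last_login[rec["ip"]] = rec["ts"]
            continue
        if rec["method"] == "GET" and path == COMPARE_PATH:
            scheme = path_b_scheme(rec["target"])
            if scheme is None:
                continue
            login_ts = last_login.get(rec["ip"])
            chained = (login_ts is not None
                       and timedelta(0) <= rec["ts"] - login_ts <= LOGIN_WINDOW)
            findings.append({
                "ip": rec["ip"],
                "time": rec["ts"].isoformat(),
                "scheme": scheme,
                "after_login": chained,
                "status": rec["status"],
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f)
```

Run against real logs, the `after_login` flag is the higher-confidence signal: an authenticated session issuing a compare request with a URI scheme in path_b matches the chain the IOC list describes, while a lone hit may be a scanner that never reaches the vulnerable code path.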
No detection rules found.
Nuclei (CVSS 8.8): CVE-2023-39108 [HIGH] rConfig 3.9.4 - Server-Side Request Forgery
Template:
id: CVE-2023-39108
info:
  name: rConfig 3.9.4 - Server-Side Request Forgery
  author: theamanrawat
  severity: high
  description: |
    rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
  impact: |
    Authenticated attackers can exploit SSRF vulnerabilities in the path_b paramet
No writeups or analysis indexed.
Published: 2023-08-01