CVE-2020-10221: 
rConfig vulnerability analysis and mitigation

The vulnerability (CVE-2020-10221) affects rConfig through version 3.94, specifically in the lib/ajaxHandlers/ajaxAddTemplate.php file. The vulnerability allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. This vulnerability was discovered and disclosed in March 2020 (NVD).

The vulnerability is classified as an OS Command Injection (CWE-78) issue. The affected component, ajaxAddTemplate.php, improperly handles user input in the fileName parameter, allowing attackers to inject shell metacharacters. The vulnerability has a CVSS v3.1 Base Score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating a network-exploitable vulnerability requiring low attack complexity and low privileges (NVD).

Successful exploitation of this vulnerability allows attackers to execute arbitrary OS commands on the affected system. This can lead to complete system compromise, including the ability to read and modify files, access sensitive data, and potentially gain full control of the affected server (CISA KEV).

Organizations should update rConfig to a version newer than 3.94 to address this vulnerability. CISA has included this vulnerability in their Known Exploited Vulnerabilities (KEV) catalog, with a remediation due date of May 3, 2022, requiring federal agencies to apply vendor updates (CISA KEV).