WEB rConfig compliancepolicies.php and compliancepolicyelements.php and snippets.php SQL Injection -1 (CVE-2020-10546)

Rule ID

1137237

Severity

Critical

Description

A SQL injection vulnerability has been reported in rConfig Network Device Configuration Tool. The vulnerability is due to insufficient input validation in the ompliancepolicies.php and compliancepolicyelements.php and snippets.php.

Impact

SQL injection

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2020-10546

CVE-2020-10549

CVE-2020-10547

CVE-2020-10548

T1210

T0866

T1190

T0819

Keywords

N/A

Date Created

2020/07/10

Last Updated

2026/05/29