Two holes in the network configuration management utility

The vulnerability is considered a serious problem on the rConfig tool that could allow hackers to hijack the device.

rConfig is a network configuration management utility that is commonly used in large network systems such as those of network and telecommunications infrastructure providers. Security researcher Mohammad Askar discovered the incident earlier this week and said at least one of the two vulnerabilities could allow an attacker to gain access to the target server and connected network devices.

All versions of rConfig, including the latest version of 3.9.2, are affected and no security patches are currently available.

With a dangerous level of 9.8 / 10 from the National Institute of Standards and Technology (NIST), Vietnam Cyber ​​Security Company VSEC stated that the flaw will directly affect many Vietnamese enterprises. An attacker can embed executable code into the application, easily hijacking the server, thereby controlling the entire network under the rConfig utility.

rConfig is an open source utility that manages network device configuration such as switches, routers, firewalls, load balancers, optimizes WAN … According to the rConfig developer, the utility currently manages handle more than 3.3 million devices. In Vietnam, according to VSEC statistics, more than 10,000 devices belonging to large network systems in enterprises providing network infrastructure, IT and telecommunications infrastructure are using this utility.

Due to the lack of a patch, VSEC recommends that rConfig users limit the IP address to access the system, block access to the ajaxServerSettingsChk.php module if not used, or use alternative administrative solutions. and update as soon as the patch is released.
Gửi phản hồi
Lịch sử
Đã lưu
Cộng đồng