What is CVE-2023-39109?

CVE-2023-39109 is a vulnerability in N/a. Published 2023-08-01.

Is CVE-2023-39109 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-39109

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via in…

EPSS: 0.785 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

zer0yu/CVE_

References

github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md

Frequently asked questions

What is CVE-2023-39109?: CVE-2023-39109 is a vulnerability in N/a. Published 2023-08-01.
Is CVE-2023-39109 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.