Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

rConfig 3.9.5 - Arbitrary File Upload

By kannthu

Vidoc logoVidoc Module

What is the "rConfig 3.9.5 - Arbitrary File Upload?" module?

The "rConfig 3.9.5 - Arbitrary File Upload" module is designed to detect a vulnerability in the rConfig software version 3.9.5. This vulnerability allows an attacker to upload arbitrary files through the userprocess.php endpoint. The severity of this vulnerability is classified as high, with a CVSS score of 8.8.

This module was authored by dwisiswant0.


If successfully exploited, this vulnerability can have serious consequences. An attacker can execute malware, obtain sensitive information, and modify data on the affected system.

How does the module work?

The module sends a POST request to the "/lib/crud/userprocess.php" endpoint of the rConfig software. The request includes various form data parameters, such as "username," "password," and "email." The module then checks for two matching conditions:

    - The response body should contain the phrase "User [random string] successfully added to Database." This indicates that the arbitrary file upload was successful. - The response status code should be 302, indicating a redirect. This is another confirmation that the upload was successful.

If both conditions are met, the module reports a vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: User {{randstr}} successfully added to D...and
status: 302
Passive global matcher
No matching conditions.
On match action
Report vulnerability