{"vulnerability": "CVE-2020-2535", "sightings": [{"uuid": "4be7e651-da94-4cb1-b19e-332844f1f8ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25359", "type": "seen", "source": "https://t.me/cibsecurity/27656", "content": "\u203c CVE-2020-25359 \u203c\n\nAn arbitrary file deletion vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability gave attackers the ability to send a crafted request to /lib/ajaxHandlers/ajaxDeleteAllLoggingFiles.php by specifying a path in the path parameter and an extension in the ext parameter and delete all the files with that extension in that path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-20T22:23:42.000000Z"}]}