Two unpatched remote command execution vulnerabilities have been identified in popular open-source network management system rConfig. Rconfig was written in PHP, a utility used by network engineers to record snapshots of the devices and to monitor device configurations for policy compliance.
Read full article on GBHackers