CVE-2021-33357
- EPSS 92.88%
- Veröffentlicht 09.06.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:08:45
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS ...
- EPSS 0.81%
- Veröffentlicht 09.06.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:08:45
Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to ex...
- EPSS 42.14%
- Veröffentlicht 24.08.2020 20:15:10
- Zuletzt bearbeitet 21.11.2024 05:15:01
An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute co...