Search criteria
36 vulnerabilities found for raspap by raspap
FKIE_CVE-2024-2497
Vulnerability from fkie_nvd - Published: 2024-03-15 17:15 - Updated: 2025-04-09 15:29
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4 | Exploit, Mitigation, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.256919 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.256919 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4 | Exploit, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.256919 | Permissions Required, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.256919 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "30536CBF-D76B-4A1F-9DA3-4A4D47A5EF58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en RaspAP raspap-webgui 3.0.9 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo include/provider.php del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento pa\u00eds conduce a la inyecci\u00f3n de c\u00f3digo. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-256919. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"id": "CVE-2024-2497",
"lastModified": "2025-04-09T15:29:46.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-15T17:15:08.177",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.256919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.256919"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-28754
Vulnerability from fkie_nvd - Published: 2024-03-09 00:15 - Updated: 2025-05-01 00:13
Severity ?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://dustri.org/b/carrot-disclosure.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dustri.org/b/carrot-disclosure.html | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20755B23-BDA3-4C54-977F-5B7CC2EC9D66",
"versionEndIncluding": "3.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request."
},
{
"lang": "es",
"value": "RaspAP (tambi\u00e9n conocido como raspap-webgui) hasta 3.0.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio persistente (bricking) mediante una solicitud manipulada."
}
],
"id": "CVE-2024-28754",
"lastModified": "2025-05-01T00:13:29.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-09T00:15:59.987",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-28753
Vulnerability from fkie_nvd - Published: 2024-03-09 00:15 - Updated: 2025-05-01 00:17
Severity ?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://dustri.org/b/carrot-disclosure.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dustri.org/b/carrot-disclosure.html | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20755B23-BDA3-4C54-977F-5B7CC2EC9D66",
"versionEndIncluding": "3.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request."
},
{
"lang": "es",
"value": "RaspAP (tambi\u00e9n conocido como raspap-webgui) hasta la versi\u00f3n 3.0.9 permite a atacantes remotos leer el archivo /etc/passwd mediante una solicitud manipulada."
}
],
"id": "CVE-2024-28753",
"lastModified": "2025-05-01T00:17:11.497",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-09T00:15:59.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39987
Vulnerability from fkie_nvd - Published: 2023-08-01 14:15 - Updated: 2024-11-21 07:18
Severity ?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647CFC07-73BF-45E3-8329-FF7E6BA76F79",
"versionEndIncluding": "2.9.2",
"versionStartIncluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the \"entity\" POST parameters in /ajax/networking/get_wgkey.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de comandos en RaspAP que afecta desde la versi\u00f3n 2.8.0 hasta la 2.9.2, la cual permite a un atacante autenticado ejecutar comandos arbitrarios del sistema operativo como root a trav\u00e9s de los par\u00e1metros POST \"entity\" en /ajax/networking/get_wgkey.php."
}
],
"id": "CVE-2022-39987",
"lastModified": "2024-11-21T07:18:36.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-01T14:15:09.937",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39986
Vulnerability from fkie_nvd - Published: 2023-08-01 14:15 - Updated: 2024-11-21 07:18
Severity ?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57804DDB-E74C-40C8-8F11-313B1AB2F692",
"versionEndIncluding": "2.8.7",
"versionStartIncluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos en RaspAP afecta a las versiones desde la 2.8.0 a la 2.8.7, la cual permite a atacantes no autenticados ejecutar comandos arbitrarios a trav\u00e9s del par\u00e1metro cfg_id en /ajax/openvpn/activate_ovpncfg.php y /ajax/openvpn/del_ovpncfg.php."
}
],
"id": "CVE-2022-39986",
"lastModified": "2024-11-21T07:18:35.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-01T14:15:09.877",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-30260
Vulnerability from fkie_nvd - Published: 2023-06-23 12:15 - Updated: 2024-11-21 07:59
Severity ?
Summary
Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://eldstal.se/advisories/230328-raspap.html | Exploit, Mitigation, Third Party Advisory | |
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui/pull/1322 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://eldstal.se/advisories/230328-raspap.html | Exploit, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui/pull/1322 | Patch |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9C6B2-1BC0-427A-8E82-771AE4AFDE34",
"versionEndIncluding": "2.8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form."
}
],
"id": "CVE-2023-30260",
"lastModified": "2024-11-21T07:59:57.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-23T12:15:09.520",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-38557
Vulnerability from fkie_nvd - Published: 2021-08-24 13:15 - Updated: 2024-11-21 06:17
Severity ?
Summary
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui | Product | |
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers | Third Party Advisory | |
| cve@mitre.org | https://zerosecuritypenetrationtesting.com/?page_id=306 | Exploit, Third Party Advisory, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://zerosecuritypenetrationtesting.com/?page_id=306 | Exploit, Third Party Advisory, URL Repurposed |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA640C3-FB93-4A67-9FA8-34755A0904E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content."
},
{
"lang": "es",
"value": "raspap-webgui en RaspAP versi\u00f3n 2.6.6, permite a atacantes ejecutar comandos como root debido a permisos no seguros de sudoers. La cuenta www-data puede ejecutar el archivo /etc/raspap/hostapd/enablelog.sh como root sin contrase\u00f1a; sin embargo, la cuenta www-data tambi\u00e9n puede sobrescribir el archivo /etc/raspap/hostapd/enablelog.sh con cualquier contenido ejecutable."
}
],
"id": "CVE-2021-38557",
"lastModified": "2024-11-21T06:17:26.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-24T13:15:14.513",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"URL Repurposed"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"URL Repurposed"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-38556
Vulnerability from fkie_nvd - Published: 2021-08-24 13:15 - Updated: 2024-11-21 06:17
Severity ?
Summary
includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui | Product | |
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php | Third Party Advisory | |
| cve@mitre.org | https://zerosecuritypenetrationtesting.com/?page_id=306 | Exploit, Third Party Advisory, VDB Entry, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://zerosecuritypenetrationtesting.com/?page_id=306 | Exploit, Third Party Advisory, VDB Entry, URL Repurposed |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA640C3-FB93-4A67-9FA8-34755A0904E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection."
},
{
"lang": "es",
"value": "el archivo includes/configure_client.php en RaspAP versi\u00f3n 2.6.6, permite a atacantes ejecutar comandos por medio de inyecci\u00f3n de comandos."
}
],
"id": "CVE-2021-38556",
"lastModified": "2024-11-21T06:17:26.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-24T13:15:14.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry",
"URL Repurposed"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry",
"URL Repurposed"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-33357
Vulnerability from fkie_nvd - Published: 2021-06-09 18:15 - Updated: 2024-11-21 06:08
Severity ?
Summary
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf | Third Party Advisory | |
| cve@mitre.org | https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8054A4-5285-45FA-9CC9-8F78A28011A2",
"versionEndIncluding": "2.6.5",
"versionStartIncluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in RaspAP 2.6 to 2.6.5 in the \"iface\" GET parameter in /ajax/networking/get_netcfg.php, when the \"iface\" parameter value contains special characters such as \";\" which enables an unauthenticated attacker to execute arbitrary OS commands."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en RaspAP versiones 2.6 hasta 2.6.5, en el par\u00e1metro \"iface\" GET en el archivo /ajax/networking/get_netcfg.php, cuando el valor del par\u00e1metro \"iface\" contiene caracteres especiales como \";\" que permite a un atacante no autenticado ejecutar comandos arbitrarios del SO"
}
],
"id": "CVE-2021-33357",
"lastModified": "2024-11-21T06:08:45.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-09T18:15:08.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-33358
Vulnerability from fkie_nvd - Published: 2021-06-09 18:15 - Updated: 2024-11-21 06:08
Severity ?
Summary
Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF65C1F6-C1C3-48E1-9355-E53F27B5EFE7",
"versionEndIncluding": "2.6.5",
"versionStartIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the \"interface\", \"ssid\" and \"wpa_passphrase\" POST parameters in /hostapd, when the parameter values contain special characters such as \";\" or \"$()\" which enables an authenticated attacker to execute arbitrary OS commands."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en RaspAP versiones 2.3 a 2.6.5 en los par\u00e1metros \"interface\", \"ssid\" y \"wpa_passphrase\" POST en la funci\u00f3n /hostapd, cuando los valores de los par\u00e1metros contienen caracteres especiales como \";\" o \"$()\" que permite a un atacante autenticado ejecutar comandos arbitrarios del sistema operativo"
}
],
"id": "CVE-2021-33358",
"lastModified": "2024-11-21T06:08:45.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-09T18:15:08.710",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-33356
Vulnerability from fkie_nvd - Published: 2021-06-09 18:15 - Updated: 2024-11-21 06:08
Severity ?
Summary
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C0D122-A001-46F5-99DA-1DB36258E4D5",
"versionEndIncluding": "2.6.5",
"versionStartIncluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de escalada de privilegios en RaspAP versiones 1.5 hasta 2.6.5, podr\u00edan permitir a un atacante remoto autenticado inyectar comandos arbitrarios en el componente /installers/common.sh que pueden resultar en una ejecuci\u00f3n de comandos remotos con privilegios de root"
}
],
"id": "CVE-2021-33356",
"lastModified": "2024-11-21T06:08:44.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-09T18:15:08.640",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L216"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L231"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L314"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L407"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/5a7b77459839c9420fac0d10ec28cee1af9bb782/installers/common.sh#L510"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-2497 (GCVE-0-2024-2497)
Vulnerability from cvelistv5 – Published: 2024-03-15 17:00 – Updated: 2024-08-08 20:47
VLAI?
Title
RaspAP raspap-webgui HTTP POST Request provider.php code injection
Summary
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
4.7 (Medium)
4.7 (Medium)
CWE
- CWE-94 - Code Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RaspAP | raspap-webgui |
Affected:
3.0.9
|
Credits
torada (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:47.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-256919 | RaspAP raspap-webgui HTTP POST Request provider.php code injection",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.256919"
},
{
"name": "VDB-256919 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:raspap:raspap:3.0.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "raspap",
"vendor": "raspap",
"versions": [
{
"status": "affected",
"version": "3.0.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2497",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T17:43:42.005447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:47:11.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP POST Request Handler"
],
"product": "raspap-webgui",
"vendor": "RaspAP",
"versions": [
{
"status": "affected",
"version": "3.0.9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "torada (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in RaspAP raspap-webgui 3.0.9 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei includes/provider.php der Komponente HTTP POST Request Handler. Durch die Manipulation des Arguments country mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T17:00:07.963Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-256919 | RaspAP raspap-webgui HTTP POST Request provider.php code injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.256919"
},
{
"name": "VDB-256919 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"tags": [
"exploit"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-03-15T12:55:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "RaspAP raspap-webgui HTTP POST Request provider.php code injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-2497",
"datePublished": "2024-03-15T17:00:07.963Z",
"dateReserved": "2024-03-15T11:50:41.827Z",
"dateUpdated": "2024-08-08T20:47:11.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28754 (GCVE-0-2024-28754)
Vulnerability from cvelistv5 – Published: 2024-03-08 00:00 – Updated: 2024-11-01 19:10
VLAI?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "raspap",
"vendor": "raspap",
"versions": [
{
"lessThanOrEqual": "3.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T19:08:56.050888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T19:10:08.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T23:20:46.895764",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dustri.org/b/carrot-disclosure.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28754",
"datePublished": "2024-03-08T00:00:00",
"dateReserved": "2024-03-08T00:00:00",
"dateUpdated": "2024-11-01T19:10:08.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28753 (GCVE-0-2024-28753)
Vulnerability from cvelistv5 – Published: 2024-03-08 00:00 – Updated: 2024-11-14 19:38
VLAI?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-11T15:29:28.972020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T19:38:57.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T23:21:01.410402",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dustri.org/b/carrot-disclosure.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28753",
"datePublished": "2024-03-08T00:00:00",
"dateReserved": "2024-03-08T00:00:00",
"dateUpdated": "2024-11-14T19:38:57.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39987 (GCVE-0-2022-39987)
Vulnerability from cvelistv5 – Published: 2023-08-01 00:00 – Updated: 2024-10-21 13:51
VLAI?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:07:43.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39987",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T13:51:39.940123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T13:51:48.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the \"entity\" POST parameters in /ajax/networking/get_wgkey.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-39987",
"datePublished": "2023-08-01T00:00:00",
"dateReserved": "2022-09-06T00:00:00",
"dateUpdated": "2024-10-21T13:51:48.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39986 (GCVE-0-2022-39986)
Vulnerability from cvelistv5 – Published: 2023-08-01 00:00 – Updated: 2024-10-21 14:32
VLAI?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:07:42.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39986",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T14:31:56.932403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T14:32:09.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-15T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-39986",
"datePublished": "2023-08-01T00:00:00",
"dateReserved": "2022-09-06T00:00:00",
"dateUpdated": "2024-10-21T14:32:09.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30260 (GCVE-0-2023-30260)
Vulnerability from cvelistv5 – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:01
VLAI?
Summary
Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:00:26.427115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:01:02.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30260",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-04-07T00:00:00",
"dateUpdated": "2024-12-05T17:01:02.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38556 (GCVE-0-2021-38556)
Vulnerability from cvelistv5 – Published: 2021-08-24 12:33 – Updated: 2024-08-04 01:44
VLAI?
Summary
includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T12:33:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"name": "https://zerosecuritypenetrationtesting.com/?page_id=306",
"refsource": "MISC",
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38556",
"datePublished": "2021-08-24T12:33:07",
"dateReserved": "2021-08-11T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38557 (GCVE-0-2021-38557)
Vulnerability from cvelistv5 – Published: 2021-08-24 12:33 – Updated: 2024-08-04 01:44
VLAI?
Summary
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T12:33:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"name": "https://zerosecuritypenetrationtesting.com/?page_id=306",
"refsource": "MISC",
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38557",
"datePublished": "2021-08-24T12:33:01",
"dateReserved": "2021-08-11T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33358 (GCVE-0-2021-33358)
Vulnerability from cvelistv5 – Published: 2021-06-09 17:53 – Updated: 2024-08-03 23:50
VLAI?
Summary
Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the \"interface\", \"ssid\" and \"wpa_passphrase\" POST parameters in /hostapd, when the parameter values contain special characters such as \";\" or \"$()\" which enables an authenticated attacker to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T17:53:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the \"interface\", \"ssid\" and \"wpa_passphrase\" POST parameters in /hostapd, when the parameter values contain special characters such as \";\" or \"$()\" which enables an authenticated attacker to execute arbitrary OS commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"name": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf",
"refsource": "MISC",
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33358",
"datePublished": "2021-06-09T17:53:28",
"dateReserved": "2021-05-20T00:00:00",
"dateUpdated": "2024-08-03T23:50:42.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33357 (GCVE-0-2021-33357)
Vulnerability from cvelistv5 – Published: 2021-06-09 17:51 – Updated: 2024-08-03 23:50
VLAI?
Summary
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in RaspAP 2.6 to 2.6.5 in the \"iface\" GET parameter in /ajax/networking/get_netcfg.php, when the \"iface\" parameter value contains special characters such as \";\" which enables an unauthenticated attacker to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T17:51:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability exists in RaspAP 2.6 to 2.6.5 in the \"iface\" GET parameter in /ajax/networking/get_netcfg.php, when the \"iface\" parameter value contains special characters such as \";\" which enables an unauthenticated attacker to execute arbitrary OS commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_netcfg.php"
},
{
"name": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf",
"refsource": "MISC",
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33357",
"datePublished": "2021-06-09T17:51:55",
"dateReserved": "2021-05-20T00:00:00",
"dateUpdated": "2024-08-03T23:50:42.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2497 (GCVE-0-2024-2497)
Vulnerability from nvd – Published: 2024-03-15 17:00 – Updated: 2024-08-08 20:47
VLAI?
Title
RaspAP raspap-webgui HTTP POST Request provider.php code injection
Summary
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
4.7 (Medium)
4.7 (Medium)
CWE
- CWE-94 - Code Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RaspAP | raspap-webgui |
Affected:
3.0.9
|
Credits
torada (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:18:47.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-256919 | RaspAP raspap-webgui HTTP POST Request provider.php code injection",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.256919"
},
{
"name": "VDB-256919 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:raspap:raspap:3.0.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "raspap",
"vendor": "raspap",
"versions": [
{
"status": "affected",
"version": "3.0.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2497",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T17:43:42.005447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:47:11.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP POST Request Handler"
],
"product": "raspap-webgui",
"vendor": "RaspAP",
"versions": [
{
"status": "affected",
"version": "3.0.9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "torada (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256919. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in RaspAP raspap-webgui 3.0.9 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei includes/provider.php der Komponente HTTP POST Request Handler. Durch die Manipulation des Arguments country mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T17:00:07.963Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-256919 | RaspAP raspap-webgui HTTP POST Request provider.php code injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.256919"
},
{
"name": "VDB-256919 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.256919"
},
{
"tags": [
"exploit"
],
"url": "https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-03-15T12:55:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "RaspAP raspap-webgui HTTP POST Request provider.php code injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-2497",
"datePublished": "2024-03-15T17:00:07.963Z",
"dateReserved": "2024-03-15T11:50:41.827Z",
"dateUpdated": "2024-08-08T20:47:11.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28754 (GCVE-0-2024-28754)
Vulnerability from nvd – Published: 2024-03-08 00:00 – Updated: 2024-11-01 19:10
VLAI?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "raspap",
"vendor": "raspap",
"versions": [
{
"lessThanOrEqual": "3.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T19:08:56.050888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T19:10:08.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T23:20:46.895764",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dustri.org/b/carrot-disclosure.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28754",
"datePublished": "2024-03-08T00:00:00",
"dateReserved": "2024-03-08T00:00:00",
"dateUpdated": "2024-11-01T19:10:08.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28753 (GCVE-0-2024-28753)
Vulnerability from nvd – Published: 2024-03-08 00:00 – Updated: 2024-11-14 19:38
VLAI?
Summary
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-11T15:29:28.972020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T19:38:57.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://dustri.org/b/carrot-disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T23:21:01.410402",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dustri.org/b/carrot-disclosure.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28753",
"datePublished": "2024-03-08T00:00:00",
"dateReserved": "2024-03-08T00:00:00",
"dateUpdated": "2024-11-14T19:38:57.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39987 (GCVE-0-2022-39987)
Vulnerability from nvd – Published: 2023-08-01 00:00 – Updated: 2024-10-21 13:51
VLAI?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:07:43.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39987",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T13:51:39.940123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T13:51:48.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the \"entity\" POST parameters in /ajax/networking/get_wgkey.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php"
},
{
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-39987",
"datePublished": "2023-08-01T00:00:00",
"dateReserved": "2022-09-06T00:00:00",
"dateUpdated": "2024-10-21T13:51:48.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39986 (GCVE-0-2022-39986)
Vulnerability from nvd – Published: 2023-08-01 00:00 – Updated: 2024-10-21 14:32
VLAI?
Summary
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:07:42.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39986",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T14:31:56.932403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T14:32:09.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-15T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php"
},
{
"url": "https://medium.com/%40ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2"
},
{
"url": "http://packetstormsecurity.com/files/174190/RaspAP-2.8.7-Unauthenticated-Command-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-39986",
"datePublished": "2023-08-01T00:00:00",
"dateReserved": "2022-09-06T00:00:00",
"dateUpdated": "2024-10-21T14:32:09.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30260 (GCVE-0-2023-30260)
Vulnerability from nvd – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:01
VLAI?
Summary
Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:00:26.427115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:01:02.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://eldstal.se/advisories/230328-raspap.html"
},
{
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30260",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-04-07T00:00:00",
"dateUpdated": "2024-12-05T17:01:02.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38556 (GCVE-0-2021-38556)
Vulnerability from nvd – Published: 2021-08-24 12:33 – Updated: 2024-08-04 01:44
VLAI?
Summary
includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T12:33:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/0e1d652c5e55f812aaf2a5908884e9db179416ee/includes/configure_client.php"
},
{
"name": "https://zerosecuritypenetrationtesting.com/?page_id=306",
"refsource": "MISC",
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38556",
"datePublished": "2021-08-24T12:33:07",
"dateReserved": "2021-08-11T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38557 (GCVE-0-2021-38557)
Vulnerability from nvd – Published: 2021-08-24 12:33 – Updated: 2024-08-04 01:44
VLAI?
Summary
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T12:33:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers"
},
{
"name": "https://zerosecuritypenetrationtesting.com/?page_id=306",
"refsource": "MISC",
"url": "https://zerosecuritypenetrationtesting.com/?page_id=306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38557",
"datePublished": "2021-08-24T12:33:01",
"dateReserved": "2021-08-11T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33358 (GCVE-0-2021-33358)
Vulnerability from nvd – Published: 2021-06-09 17:53 – Updated: 2024-08-03 23:50
VLAI?
Summary
Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the \"interface\", \"ssid\" and \"wpa_passphrase\" POST parameters in /hostapd, when the parameter values contain special characters such as \";\" or \"$()\" which enables an authenticated attacker to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T17:53:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the \"interface\", \"ssid\" and \"wpa_passphrase\" POST parameters in /hostapd, when the parameter values contain special characters such as \";\" or \"$()\" which enables an authenticated attacker to execute arbitrary OS commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/8f0ae3b36aa1020d21477e66010c6b2146e7c222/app/img/wifi-qr-code.php"
},
{
"name": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php",
"refsource": "MISC",
"url": "https://github.com/RaspAP/raspap-webgui/blob/b02660d5ff8d9faa5d3ef49778b23e832851e0f4/includes/hostapd.php"
},
{
"name": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf",
"refsource": "MISC",
"url": "https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33358",
"datePublished": "2021-06-09T17:53:28",
"dateReserved": "2021-05-20T00:00:00",
"dateUpdated": "2024-08-03T23:50:42.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}