Lucene search
GoogleOSV:CVE-2021-33357HistoryJun 09, 2021 - 6:15 p.m.
CVE-2021-33357
2021-06-0918:15:08
Google
osv.dev
2
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the “iface” GET parameter in /ajax/networking/get_netcfg.php, when the “iface” parameter value contains special characters such as “;” which enables an unauthenticated attacker to execute arbitrary OS commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| raspap-webgui | eq | 2.6 | |
| raspap-webgui | eq | 2.6.1 | |
| raspap-webgui | eq | 2.6.4 | |
| raspap-webgui | eq | 2.6.5 | |
| raspap-webgui | eq | 2.6.2 | |
| raspap-webgui | eq | 2.6.3 |
Related
nvd
nvd
CVE-2021-33357
2021-06-09 18:15:08
cve
cve
CVE-2021-33357
2021-06-09 18:15:08
cvelist
cvelist
CVE-2021-33357
2021-06-09 17:51:55
prion
prion
Design/Logic Flaw
2021-06-09 18:15:00
nuclei
nuclei
RaspAP <=2.6.5 - Remote Command Injection
2021-10-03 12:37:22
checkpoint_advisories
checkpoint_advisories
RaspAP Command Injection (CVE-2021-33357)
2021-12-30 00:00:00
attackerkb
attackerkb
CVE-2021-33357
2021-06-09 00:00:00