2 matches found
Command injection
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfgid parameter in /ajax/openvpn/activateovpncfg.php and /ajax/openvpn/delovpncfg.php...
RaspAP Command Injection Vulnerability
RaspAP is a simple wireless AP setup and management for Debian-based devices. A security vulnerability exists in RaspAP versions 2.8.0 through 2.8.7 that stems from the presence of a command injection vulnerability. Allows an attacker to execute arbitrary commands via the parameter cfgid...