CVE-2020-24572
An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured and virtually unrestricted web console to attack the underlying OS Raspberry Pi running this software, and execute commands on the system including ones for uploading o...