Lucene search
K

5 matches found

Metasploit
Metasploit
added 2023/08/15 7:50 p.m.257 views

RaspAP Unauthenticated Command Injection

RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...

9.8CVSS9AI score0.98725EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/08/15 12:0 a.m.379 views

RaspAP 2.8.7 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RaspAP Unauthenticated Command Injection', 'Description' = %q RaspAP is feature-rich wireless router software that just works on many popular...

9.8CVSS7.1AI score0.98725EPSS
Exploits3
0day.today
0day.today
added 2023/08/15 12:0 a.m.418 views

RaspAP 2.8.7 Unauthenticated Command Injection Exploit

RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...

9.8CVSS8.3AI score0.98725EPSS
Exploits3
Circl
Circl
added 2023/08/01 6:38 p.m.22 views

CVE-2022-39986

creationtimestamp| type| source ---|---|--- 2023-08-01 18:38:44+00:00| seen| https://t.me/cibsecurity/67513 2023-08-15 03:51:23+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/raspaprce.rb 2023-08-27 17:49:56+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.98725EPSS
In wildExploits3References6
CVE
CVE
added 2023/08/01 12:0 a.m.128 views

CVE-2022-39986

RaspAP 2.8.0–2.8.7 is affected by an unauthenticated command-injection vulnerability. An attacker can inject commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php, potentially leading to remote code execution. Public exploitation tooling exists ...

9.8CVSS9.8AI score0.98725EPSS
In wildExploits3References3Affected Software1
Rows per page
Query Builder