Lucene search
+L

5 matches found

metasploit
metasploit
added 2023/08/15 7:50 p.m.259 views

RaspAP Unauthenticated Command Injection

RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...

9.8CVSS9AI score0.98725EPSS
Exploits3
zdt
zdt
added 2023/08/15 12:0 a.m.419 views

RaspAP 2.8.7 Unauthenticated Command Injection Exploit

RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...

9.8CVSS8.3AI score0.98725EPSS
Exploits3
packetstorm
packetstorm
added 2023/08/15 12:0 a.m.381 views

RaspAP 2.8.7 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RaspAP Unauthenticated Command Injection', 'Description' = %q RaspAP is feature-rich wireless router software that just works on many popular...

9.8CVSS7.1AI score0.98725EPSS
Exploits3
circl
circl
added 2023/08/01 6:38 p.m.22 views

CVE-2022-39986

creationtimestamp| type| source ---|---|--- 2023-08-01 18:38:44+00:00| seen| https://t.me/cibsecurity/67513 2023-08-15 03:51:23+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/raspaprce.rb 2023-08-27 17:49:56+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.98725EPSS
In wildExploits3References6
cve
cve
added 2023/08/01 12:0 a.m.129 views

CVE-2022-39986

RaspAP 2.8.0–2.8.7 is affected by an unauthenticated command-injection vulnerability. An attacker can inject commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php, potentially leading to remote code execution. Public exploitation tooling exists ...

9.8CVSS9.8AI score0.98725EPSS
In wildExploits3References3Affected Software1
Rows per page
Query Builder