Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 11:58 a.m.6 views

CVE-2018-19168

Shell Metacharacter Injection in www/modules/save.php in FruityWifi aka PatatasFritas/PatataWifi through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted modname parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid...

10CVSS8AI score0.04544EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:50 a.m.6 views

CVE-2020-24847

A Cross-Site Request Forgery CSRF vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in pageconfigadv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticate...

4.3CVSS7.1AI score0.00138EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:49 a.m.4 views

CVE-2020-24848

FruityWifi through 2.4 has an unsafe Sudo configuration ALL : ALL NOPASSWD: ALL. This allows an attacker to perform a system-level root local privilege escalation, allowing an attacker to gain complete persistent access to the local system...

7.8CVSS7AI score0.0003EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2020-17558

Malware in sbrugna...

8.8CVSS9.3AI score0.04767EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-17557

Malware in sbrugna...

7.8CVSS7.6AI score0.0003EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-17556

Malware in sbrugna...

4.3CVSS4.9AI score0.00138EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-9072

Malware in sbrugna...

9.8CVSS9.1AI score0.03EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/22 4:6 p.m.6 views

CVE-2020-24849

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...

9.8CVSS7.5AI score0.04767EPSS
Exploits2
Packet Storm
Packet Stormadded 2022/03/26 12:0 a.m.92 views

FruityWifi Remote Code Execution

!/usr/bin/python3 -- coding: utf-8 -- usage: ./akhlutprowlingterror.py http://phishingsiteurl text=''' -o==============o- ████ ██████ ██████ ██ ██ ██████ ▓▓ ██ ██████ ██ ██████ ██▓▓ ██ ██████ ▓▓ ██ ▒▒ ██ ████ ▓▓ ██ ██████ ██▓▓ ████ ██████ ▓▓████ ██ ▓▓ ██████ ████████ ████▓▓ ██████ ██████ ████████...

7.4AI score
Exploits0
CNVD
CNVDadded 2020/11/06 12:0 a.m.3 views

FruityWifi Remote Code Execution Vulnerability

FruityWiFi is an open source tool for auditing wireless networks. A remote code execution vulnerability exists in FruityWifi 2.4 and earlier versions. The vulnerability stems from improper escaping of shell metacharacters obtained from a POST request from the pageconfigadv.php page. An attacker c...

8.8CVSS8.5AI score0.04767EPSS
Exploits1References1
NVD
NVDadded 2020/11/05 3:15 p.m.14 views

CVE-2020-24849

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...

8.8CVSS9.4AI score0.04767EPSS
Exploits1References3
OSV
OSVadded 2020/11/05 3:15 p.m.8 views

CVE-2020-24849

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...

8.8CVSS7.5AI score
Exploits0References3
Prion
Prionadded 2020/11/05 3:15 p.m.15 views

Remote code execution

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...

6.5CVSS9.4AI score0.04767EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2020/11/05 2:19 p.m.12 views

CVE-2020-24849

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...

9.4AI score0.04767EPSS
Exploits1References3
CVE
CVEadded 2020/11/05 2:19 p.m.43 views

CVE-2020-24849

FruityWifi up to version 2.4 is affected by a Shell Metacharacter Injection vulnerability. Red Hat CVE-2018-19168 describes exploitation in www/modules/save.php via a crafted mod_name in a POST request, enabling remote code execution with root privileges. The root cause is improper escaping of sh...

8.8CVSS9.3AI score0.04767EPSS
Exploits1References3Affected Software1
CNVD
CNVDadded 2020/10/26 12:0 a.m.2 views

FruityWifi Elevation of Privilege Vulnerability

FruityWifi is a wireless network auditing tool. A security vulnerability exists in FruityWifi version 2.4 and prior versions, which stems from the presence of a fail-safe Sudo configuration ALL: ALL NOPASSWD: ALL. The vulnerability can be exploited by an attacker to perform a system-level root...

7.8CVSS7.1AI score0.0003EPSS
Exploits1References1
CNVD
CNVDadded 2020/10/26 12:0 a.m.2 views

FruityWifi Cross-Site Request Forgery Vulnerability

FruityWifi is a wireless network auditing tool. A cross-site request forgery vulnerability exists in FruityWifi version 2.4 and earlier versions, which stems from the lack of CSRF protection in page config .php, and can be exploited by an unauthenticated attacker to lure a victim to visit his/her...

4.3CVSS6.8AI score0.00138EPSS
Exploits1References1
OSV
OSVadded 2020/10/23 7:15 p.m.11 views

CVE-2020-24847

A Cross-Site Request Forgery CSRF vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in pageconfigadv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticate...

4.3CVSS7AI score
Exploits0References1
NVD
NVDadded 2020/10/23 7:15 p.m.14 views

CVE-2020-24848

FruityWifi through 2.4 has an unsafe Sudo configuration ALL : ALL NOPASSWD: ALL. This allows an attacker to perform a system-level root local privilege escalation, allowing an attacker to gain complete persistent access to the local system...

7.8CVSS0.0003EPSS
Exploits1References2
NVD
NVDadded 2020/10/23 7:15 p.m.9 views

CVE-2020-24847

A Cross-Site Request Forgery CSRF vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in pageconfigadv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticate...

4.3CVSS0.00138EPSS
Exploits1References1
Rows per page
Query Builder