CVE-2018-19168

Shell Metacharacter Injection in www/modules/save.php in FruityWifi aka PatatasFritas/PatataWifi through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted modname parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid...

FruityWifi Code Execution Vulnerability

FruityWifi is a wireless network auditing tool. A security vulnerability exists in the www/modules/save.php file in FruityWifi 2.4 and earlier versions. A remote attacker can exploit this vulnerability by sending a specially crafted 'modname' parameter via a POST request to execute arbitrary code...