Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2021/09/02 5:10 p.m.56 views

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions.

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh wit...

9CVSS8.7AI score0.02224EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/08/24 1:15 p.m.24 views

CVE-2021-38556

includes/configureclient.php in RaspAP 2.6.6 allows attackers to execute commands via command injection...

8.8CVSS0.13039EPSS
Exploits1References3
Prion
Prion
added 2021/08/24 1:15 p.m.21 views

Command injection

includes/configureclient.php in RaspAP 2.6.6 allows attackers to execute commands via command injection...

6.5CVSS9.1AI score0.13039EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2021/08/24 1:15 p.m.16 views

Command injection

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh wit...

9CVSS8.8AI score0.02224EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/24 12:33 p.m.22 views

CVE-2021-38556

includes/configureclient.php in RaspAP 2.6.6 allows attackers to execute commands via command injection...

9.4AI score0.13039EPSS
Exploits1References3
Rows per page
Query Builder