Lucene search
Veracode Vulnerability DatabaseVERACODE:31759HistoryAug 19, 2021 - 10:27 a.m.
Privilege Escalation
2021-08-1910:27:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.003 Low
EPSS
Percentile
70.5%
billz/raspap-webgui is vulnerable to Privilege Escalation via OS commaind injection. An attacker can send an input of “a && whoami” to append strval($POST’connect’]) to the end of the exec() function in configureclient.php , executing /etc/raspap/hostapd/enablelog.sh as root with no password and overwriting of the www-data account.
| CPE | Name | Operator | Version |
|---|---|---|---|
| billz/raspap-webgui | le | 2.8.6 | |
| billz/raspap-webgui | le | 2.8.6 |
References
github.com/RaspAP/raspap-webgui
github.com/RaspAP/raspap-webgui/blob/48feef88ffa06979acc9773fe12d8b2fdd6e5e4f/includes/configure_client.php#L20
github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers
github.com/RaspAP/raspap-webgui/issues/987
zerosecuritypenetrationtesting.com/?page_id=306
Related
nvd
nvd
CVE-2021-38557
2021-08-24 13:15:14
osv
osv
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions.
2021-09-02 17:10:52
CVE-2021-38557
2021-08-24 13:15:14
cnvd
cnvd
RaspAP Remote Code Execution Vulnerability (CNVD-2021-94941)
2021-08-25 00:00:00
github
github
cve
cve
CVE-2021-38557
2021-08-24 13:15:14
prion
prion
Command injection
2021-08-24 13:15:00
cvelist
cvelist
CVE-2021-38557
2021-08-24 12:33:01