RaspAP 漏洞列表
共找到 8 个与 RaspAP 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-33357: RaspAP <=2.6.5 - Remote Command Injection POC
RaspAP 2.6 to 2.6.5 allows unauthenticated attackers to execute arbitrary OS commands via the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";". -
CVE-2022-39986: RaspAP 2.8.7 - Unauthenticated Command Injection POC
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. -
CVE-2021-33357: RaspAP <=2.6.5 - Remote Command Injection POC
RaspAP 2.6 to 2.6.5 allows unauthenticated attackers to execute arbitrary OS commands via the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";". -
CVE-2022-39986: RaspAP 2.8.7 - Unauthenticated Command Injection POC
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. -
RaspAP /del_ovpncfg.php 命令执行漏洞(CVE-2022–39986) 无POC
RaspAP是一个可以将树莓派轻松部署成无线AP(Access Point)的软件方案,具有一套响应式的WebUI 来控制WiFi,用起来和家用路由器一样方便。RaspAP存在命令执行漏洞,攻击者可以在目标服务器上执行任意命令。 -
RaspAP CVE-2022-39986 命令注入漏洞 无POC
-
RaspAP命令执行漏洞(CVE-2022-39986) 无POC
RaspAP是一个可以将树莓派轻松部署成无线AP(Access Point)的软件方案,具有一套响应式的WebUI来控制WiFi,用起来和家用路由器一样方便。RaspAP存在命令执行漏洞,攻击者可以在目标服务器上执行任意命令。 -
RaspAP远程命令执行漏洞(CVE-2021-33357) 无POC
RaspAP是一个可以将树莓派轻松部署成无线AP(Access Point)的软件方案,具有一套响应式的WebUI 来控制WiFi,用起来和家用路由器一样方便。在/ajax/networking/GET_netcfg.php中的“iface”GET参数中,当“iface”参数值包含“;”等特殊字符时,RaspAP2.6至2.6.5使未经验证的攻击者能够执行任意OS命令。