Описание
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.5 (включая) до 2.6.5 (включая)
cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11122
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-269
Связанные уязвимости
github
больше 3 лет назад
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
EPSS
Процентиль: 93%
0.11122
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-269