Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-39987

Disclosure Date: August 01, 2023 (last updated October 08, 2023)
A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0