Page 2 of 11 results (0.007 seconds)
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2020-24572
https://notcve.org/view.php?id=CVE-2020-24572
24 Aug 2020 — An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code). Se detectó un problema en el archivo includes/webconsole.php en RaspAP versión 2.5. Con acceso autenticado, un atacante puede usar una consola web mal configurada (y virtualmente... • https://github.com/gerbsec/CVE-2020-24572-POC • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •