📦 Raspap

CVE-2022-39986 is an unauthenticated command injection vulnerability in RaspAP web interface versions 2.8.0 through 2.8.7. Attackers can execute arbitrary commands on affected systems by sending malic...

CVE-2021-33357 is a critical command injection vulnerability in RaspAP web interface that allows unauthenticated attackers to execute arbitrary operating system commands on affected systems. The vulne...

CVE-2024-28754 is a vulnerability in RaspAP (raspap-webgui) that allows remote attackers to send crafted requests causing persistent denial of service, effectively bricking the device. This affects al...

CVE-2021-38557 allows attackers to execute arbitrary commands as root on RaspAP 2.6.6 installations. The vulnerability exists because the www-data user can both execute a specific script with sudo pri...