RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-03-09
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to cause a persistent denial of service (bricking) via a crafted request.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-03-09
Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.
CVSS Score
8.8
EPSS Score
0.027
Published
2023-06-23