omriinbar/RaspAP-Vulnerabilities.txt

## RaspAP-Vulnerabilities.txt
CVE-2021-33356
Vulnerable Product Version: RaspAP 1.5 to (and including) 2.6.5
Vulnerability Type: Privilege Escalation due to Execution with Unnecessary Privileges (CWE-250)
Description: Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.


CVE-2021-33357
Vulnerable Product Version: RaspAP 2.6 to (and including) 2.6.5
Vulnerability Type: OS Command Injection (CWE-78)
Description: A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.


CVE-2021-33358
Vulnerable Product Version: RaspAP 2.3 to (and including) 2.6.5
Vulnerability Type: OS Command Injection (CWE-78)
Description: Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameter in /hostapd, when the parameters values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.
	CVE-2021-33356
	Vulnerable Product Version: RaspAP 1.5 to (and including) 2.6.5
	Vulnerability Type: Privilege Escalation due to Execution with Unnecessary Privileges (CWE-250)
	Description: Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.


	CVE-2021-33357
	Vulnerable Product Version: RaspAP 2.6 to (and including) 2.6.5
	Vulnerability Type: OS Command Injection (CWE-78)
	Description: A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.



	CVE-2021-33358
	Vulnerable Product Version: RaspAP 2.3 to (and including) 2.6.5
	Vulnerability Type: OS Command Injection (CWE-78)
	Description: Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameter in /hostapd, when the parameters values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.