Security Advisory

CVE-2021-33358

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-09 17:53:28

Last updated 2024-08-03 23:50:42

Assigner mitre

State PUBLISHED

Description

Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.

← Browse all CVEs View on cve.org ↗