Security Advisory

CVE-2022-39986

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-01 00:00:00

Last updated 2024-10-21 14:32:09

Assigner mitre

State PUBLISHED

Description

A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php.

← Browse all CVEs View on cve.org ↗