add : CVE-2021-33357

gaopeng2 2022-06-24 12:02:08 +08:00
parent 92e794f91b
commit 75e7b8df85
2 changed files with 10 additions and 0 deletions

Binary file not shown.

@ -0,0 +1,10 @@
# RaspAP Operating System Command Injection Vulnerability (CVE-2021-33357)
RaspAP is an application software for simple wireless AP setup and management for Debian based devicesThere is an operating system command injection vulnerability in RaspAP, which stems from improper filtering of special characters such as \";\" in the \"iface\" parameter in RaspAP versions 2.6 to 2.6.5. An attacker can use this vulnerability to execute arbitrary operating system commands.
FOFA **query rule**: [header="RaspAP"|| banner="RaspAP"](https://fofa.info/result?qbase64=aGVhZGVyPSJSYXNwQVAifHwgYmFubmVyPSJSYXNwQVAi)
# Demo
![CVE-2021-33357](CVE-2021-33357.gif)
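
Review bot: The description paragraph under the title names the affected range (RaspAP 2.6 to 2.6.5) and the unfiltered "iface" parameter but gives the reader no remediation. Please add a short section stating the fixed release and the mitigation: validate "iface" against the list of real interface names before it reaches a shell. Two text defects in the same paragraph: "Debian based devicesThere is" is missing a period and a space, and the escaped quotes in \";\" and \"iface\" will render with literal backslashes in Markdown, so write them as `;` and `iface` in backticks. The Demo section depends on a 1.1 MiB binary GIF; a line of alt text or a caption describing what it shows would keep the entry useful where the image is not rendered.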