
RaspAP Operating System Command Injection Vulnerability (CVE-2021-33357)

RaspAP is an application for simple wireless AP setup and management on Debian-based devices. RaspAP versions 2.6 to 2.6.5 contain an operating system command injection vulnerability, which stems from improper filtering of special characters such as ";" in the "iface" parameter. An attacker can use this vulnerability to execute arbitrary operating system commands.
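
A defender's check for the flaw described above, as an added example that is not from the original page or from RaspAP: it scans web access logs for "iface" values that fail an interface-name allow-list. It assumes the parameter arrives in the URL query string of combined-format logs; the sample lines and the path /example/endpoint.php are constructed placeholders.

```python
import re
from urllib.parse import unquote_plus

# Conservative allow-list for Linux interface names (the kernel caps them at
# 15 characters); stricter than the kernel, which suits a detection rule.
IFACE_OK = re.compile(r"[A-Za-z0-9_.:-]{1,15}")
# Request line of a combined-format access log entry.
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[0-9.]+"')

# Constructed sample log lines; /example/endpoint.php is a placeholder path.
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Jun/2022:12:02:08 +0800] "GET /example/endpoint.php?iface=wlan0 HTTP/1.1" 200 512',
    '192.0.2.11 - - [24/Jun/2022:12:02:09 +0800] "GET /example/endpoint.php?iface=wlan0%3Becho%20test HTTP/1.1" 200 512',
    '192.0.2.12 - - [24/Jun/2022:12:02:10 +0800] "GET /example/endpoint.php?iface=wlan0;echo+test HTTP/1.1" 200 512',
    '192.0.2.13 - - [24/Jun/2022:12:02:11 +0800] "GET /example/endpoint.php?page=1&iface=eth0.10 HTTP/1.1" 200 512',
]

def iface_values(target):
    """Return every decoded 'iface' value in a request target's query string."""
    query = target.partition("?")[2]
    values = []
    # Split on '&' only: treating ';' as a pair separator (as some parsers do)
    # would cut the value at the very character this rule looks for.
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name) == "iface":
            values.append(unquote_plus(value))
    return values

def scan(lines):
    """Return (line_number, bad_values) for requests whose iface fails the allow-list."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue
        bad = [v for v in iface_values(match.group("target"))
               if not IFACE_OK.fullmatch(v)]
        if bad:
            hits.append((number, bad))
    return hits

if __name__ == "__main__":
    for number, bad in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious iface value(s): {bad!r}")
```

The same allow-list, applied server-side before the value reaches any shell command, is the corresponding input-validation control.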

FOFA query rule: header="RaspAP" || banner="RaspAP"
