"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2020-08-24 20:01:36 +00:00 · 2020-08-24 20:01:36 +00:00 · dcacb7cdd4
commit dcacb7cdd4
parent 882567d521
1 changed files with 65 additions and 6 deletions
--- a/2020/24xxx/CVE-2020-24572.json
+++ b/2020/24xxx/CVE-2020-24572.json
@ -1,17 +1,76 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2020-24572",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-24572",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/billz/raspap-webgui/releases",
+                "refsource": "MISC",
+                "name": "https://github.com/billz/raspap-webgui/releases"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/lb0x",
+                "url": "https://github.com/lb0x"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/billz/raspap-webgui/commit/dd5ab7bdc213381ee552001dd80c41ca47afab00",
+                "url": "https://github.com/billz/raspap-webgui/commit/dd5ab7bdc213381ee552001dd80c41ca47afab00"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://deadb0x.io/lunchb0x/cve-2020-24572/",
+                "url": "https://deadb0x.io/lunchb0x/cve-2020-24572/"
            }
        ]
    }