VYPR
Unrated severityNVD Advisory· Published Jun 9, 2021· Updated Aug 3, 2024

CVE-2021-33357

CVE-2021-33357

Description

A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • RaspAP/RaspAPdescription
  • RaspAP/RaspAPllm-fuzzy
    Range: >=2.6 <=2.6.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.