VYPR
Unrated severityNVD Advisory· Published Jun 9, 2021· Updated Aug 3, 2024

CVE-2021-33358

CVE-2021-33358

Description

Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • RaspAP/RaspAPdescription
  • RaspAP/RaspAPllm-fuzzy
    Range: 2.3 to 2.6.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.