billz

13 exploits Active since Aug 2020
CVE-2021-33356 WRITEUP HIGH WRITEUP
RaspAP <2.6.5 - Privilege Escalation
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CVSS 8.8
CVE-2021-33356 WRITEUP HIGH WRITEUP
RaspAP <2.6.5 - Privilege Escalation
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CVSS 8.8
CVE-2020-24572 WRITEUP HIGH WRITEUP
RaspAP 2.5 - Authenticated OS Command Injection via Web Console
An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code).
CVSS 8.8
CVE-2021-33356 WRITEUP HIGH WRITEUP
RaspAP <2.6.5 - Privilege Escalation
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CVSS 8.8
CVE-2021-33356 WRITEUP HIGH WRITEUP
RaspAP <2.6.5 - Privilege Escalation
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CVSS 8.8
CVE-2021-33356 WRITEUP HIGH WRITEUP
RaspAP <2.6.5 - Privilege Escalation
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CVSS 8.8
CVE-2023-38317 WRITEUP CRITICAL WRITEUP
OpenNDS <10.1.3 - Command Injection
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS 9.8
CVE-2023-38318 WRITEUP CRITICAL WRITEUP
OpenNDS <10.1.3 - Command Injection
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS 9.8
CVE-2023-38319 WRITEUP CRITICAL WRITEUP
OpenNDS <10.1.3 - Command Injection
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS 9.8
CVE-2023-38321 WRITEUP HIGH WRITEUP
Sierra Wireless ALEOS <4.17.0.12 - DoS
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.
CVSS 7.5
CVE-2023-38323 WRITEUP CRITICAL WRITEUP
OpenNDS <10.1.3 - Command Injection
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVSS 9.8
CVE-2023-38324 WRITEUP MEDIUM WRITEUP
OpenNDS Captive Portal < 10.1.2 - Authentication Bypass via Default FAS Key
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and OpenWrt 22.03 on 28. August 2023 by updating OpenNDS to version 10.1.3.
CVSS 5.3
CVE-2024-36622 WRITEUP CRITICAL WRITEUP
RaspAP raspap-webgui <3.0.9 - Command Injection
In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnerability exists in the clearlog.php script. The vulnerability is due to improper sanitization of user input passed via the logfile parameter.
CVSS 9.8