Submit #294400: RaspAP RaspAP Web GUI 3.0.9 latest version Code Injection Leading to Remote Code Execution (RCE) in RaspAP

Title: RaspAP RaspAP Web GUI 3.0.9 latest version Code Injection Leading to Remote Code Execution (RCE) in RaspAP
Description:

## **Vulnerability Overview:**

- **Vulnerability Name:** Code Injection
- **Affected Software:** RaspAP-WebGUI
- **Vulnerability Location:** **`includes/provider.php`** (Line 53)
- **Severity:** Critical

## **2. Description:**

The RaspAP-WebGUI application is vulnerable to code injection due to improper handling of user-controlled input in the **`$_POST['country']`** parameter. The vulnerable code snippet can be found in the **`provider.php`** file.

**3. Vulnerable Code:**

```php
if (isset($_POST['SaveProviderSettings'])) {
    if (isset($_POST['country'])) {
        // user-controlled value from the HTTP POST body
        $country = escapeshellarg(trim($_POST['country']));
        if (strlen($country) == 0) {
            $status->addMessage('Select a country from the server location list', 'danger');
        } else {
            $return = saveProviderConfig($status, $binPath, $country, $id);
        }
    }
}
```

### **Impact:**

- Remote code execution (RCE) on the server.
- Unauthorized access to sensitive data.
- Compromise of system security.
- Potential disruption of service availability.
Source: https://toradah.notion.site/Code-Injection-Leading-to-Remote-Code-Execution-RCE-in-RaspAP-Web-GUI-d321e1a416694520bec7099253c65060?pvs=4
User: torada (UID 61170)
Submitted: 06.03.2024 20:22 (2 years ago)
Moderated: 15.03.2024 12:50 (9 days later)
Status: Accepted
VulDB Entry: 256919 [RaspAP raspap-webgui 3.0.9 HTTP POST Request includes/provider.php country privileges management]
Points: 17
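The handler quoted in the submission trusts that `escapeshellarg()` alone makes the `country` value safe, and it checks the length only after escaping (so the empty-string branch can never fire, because the escaped empty string is `''`). The following is an added example, not RaspAP's code or the submitter's: it validates the raw value against an allowlist before it reaches any command-building helper, so escaping becomes a second line of defence rather than the only control. The allowlist, the `buildProviderCommand()` stand-in for `saveProviderConfig()`, the binary path and the sample POST data are all constructed for illustration.

```php
<?php
// Added example (not RaspAP's own code): validate the submitted country
// against an allowlist before it reaches any command-building helper.
// The allowlist and the command below are constructed for illustration;
// RaspAP's real server-location list and saveProviderConfig() differ.

declare(strict_types=1);

/** Constructed allowlist of server locations the form is expected to offer. */
const ALLOWED_COUNTRIES = ['Germany', 'Netherlands', 'United States', 'Japan'];

/**
 * Return the canonical country name if the raw input is on the allowlist,
 * or null when it is empty, oversized or not an expected value.
 * The comparison is strict, so "Germany; id" or "Germany\n" are rejected.
 */
function validateCountry(string $raw, array $allowed = ALLOWED_COUNTRIES): ?string
{
    $value = trim($raw);
    if ($value === '' || strlen($value) > 64) {
        return null;
    }
    // Defence in depth: reject any character outside the letters and spaces
    // a country name needs, before the allowlist lookup.
    if (!preg_match('/^[A-Za-z][A-Za-z ]*$/', $value)) {
        return null;
    }
    return in_array($value, $allowed, true) ? $value : null;
}

/**
 * Constructed stand-in for the provider helper. It passes the country as a
 * single quoted argument and never interpolates unvalidated input. It returns
 * the command string instead of executing it so the result can be inspected.
 */
function buildProviderCommand(string $binPath, string $country, int $id): string
{
    return escapeshellcmd($binPath) . ' set-location ' . escapeshellarg($country) . ' ' . $id;
}

// Constructed request data standing in for $_POST.
$post = ['SaveProviderSettings' => '1', 'country' => "Germany; id"];
$messages = [];

if (isset($post['SaveProviderSettings'], $post['country'])) {
    $country = validateCountry((string) $post['country']);
    if ($country === null) {
        // Same user-facing message as the original handler, but reached for
        // every unexpected value, not only for an empty one.
        $messages[] = ['Select a country from the server location list', 'danger'];
    } else {
        // Hypothetical binary path; the real helper and path are RaspAP's.
        $command = buildProviderCommand('/usr/local/bin/vpn-provider', $country, 1);
        $messages[] = ["Would run: $command", 'success'];
    }
}

foreach ($messages as [$text, $level]) {
    printf("[%s] %s\n", $level, $text);
}
```

Run it with `php example.php`; change the constructed `country` value to `Germany` to see the accepted path. The important property is that `validateCountry()` decides on the raw input, before any escaping, and that the command builder only ever receives a value that came from the allowlist.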
