CVE-2024-36622

Published: Nov 29, 2024

Modified: Dec 3, 2024

PUBLISHED

Description

In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnerability exists in the clearlog.php script. The vulnerability is due to improper sanitization of user input passed via the logfile parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/raspap/raspap-webgui/commit/c98d2b0c15942b4829d31dec615b9b40cc6faa14#diff-939ee414d82245c3b3dd7d36b57f10706e06e8f0871b24bdcf9de6e0d181c4c9

https://github.com/RaspAP/raspap-webgui/blob/3.0.9/ajax/logging/clearlog.php

https://gist.github.com/1047524396/ab997b902ec892e592a0df93f38e6941

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-36622

Description

Affected Products

References