CVE-2024-41637
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-41637
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41637.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-41637
- Aliases
- Published
- 2024-07-29T06:15:02Z
- Modified
- 2024-10-12T11:28:00.085679Z
- Summary
- [none]
- Details
-
RaspAP before 3.1.5 allows an attacker to escalate privileges: the www-data user has write access to the restapi.service file and also possesses Sudo privileges to execute several critical commands without a password.
- References
Affected packages
Git / github.com/raspap/raspap-webgui
Affected ranges
- Type
- GIT
- Repo
- https://github.com/raspap/raspap-webgui
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0
1.3.1
1.4.0
1.4.1
1.5
1.5.1
1.6
1.6.1
1.6.2
2.*
2.0
2.1
2.2
2.3
2.3.1
2.4
2.4-beta
2.4.1
2.5
2.5.1
2.5.2
2.6
2.6-beta
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.7.0
2.7.1
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
3.*
3.0
3.0-beta
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
v1.*
v1.0
v1.1
v1.2.0
v1.2.1
v1.3.0