billz/raspap-webgui Security Advisories for 2.5 (7)
-
[HIGH] raspap-webgui has a Directory Traversal vulnerability
PKSA-39wq-fxs7-zymy CVE-2025-44163 GHSA-277f-37gw-9gmq
Affected version: <3.3.6
Reported by:
GitHub -
[CRITICAL] RaspAP allows an attacker to escalate privileges
PKSA-fnmc-s4nq-ydpw CVE-2024-41637 GHSA-q623-2j2j-23jj
Affected version: <=3.1.4
Reported by:
GitHub -
[MEDIUM] RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`
PKSA-cfpm-fx6k-5ggt CVE-2024-2497 GHSA-99wg-vmvq-2cp5
Affected version: <=3.0.9
Reported by:
GitHub -
[HIGH] raspap-webgui vulnerable to denial of service
PKSA-4gh1-k8dy-rw9d CVE-2024-28754 GHSA-vc9f-mgxr-h32r
Affected version: <3.1.0
Reported by:
GitHub -
[HIGH] RaspAP raspap-webgui Command Injection vulnerability
PKSA-38bq-8q68-st8x CVE-2023-30260 GHSA-hhqm-f4m4-pq39
Affected version: <2.8.9
Reported by:
GitHub -
[HIGH] Command Injection in RaspAP 2.6.6
PKSA-wmkh-4v2v-8mdp CVE-2021-38556 GHSA-7vph-p634-vrqf
Affected version: <=2.6.6
Reported by:
GitHub -
[HIGH] raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions.
PKSA-4z2y-yqm8-zft4 CVE-2021-38557 GHSA-536p-4pcj-5mr9
Affected version: <=2.6.6
Reported by:
GitHub