CVE-2021-38557

HIGH8.8EPSS 0.73%

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions.

Published: 9/2/2021Modified: 11/8/2023

Description

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.

Affected packages (1)

Packagist/billz/raspap-webguifrom 0, <= 2.6.6

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-38557
PATCHhttps://github.com/RaspAP/raspap-webgui
WEBhttps://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b196a062/installers/raspap.sudoers
WEBhttps://zerosecuritypenetrationtesting.com/?page_id=306