CVE-2020-24572
/Practice/Walla/3-Exploitation/attachments/{B1BB6DE5-54FB-4BB4-BB96-0B79F5755125}.png)
A vulnerability, which was classified as critical, has been found in RaspAP 2.5. This issue affects some unknown functionality of the file includes/webconsole.php of the component Web Console. The manipulation with an unknown input leads to a os command injection vulnerability. Using CWE to declare the problem leads to CWE-78. The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. Impacted is confidentiality, integrity, and availability.