Vulnerability Description
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.
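The condition described above is a sudoers rule whose target script is writable by the same unprivileged account that is allowed to run it as root, so the NOPASSWD grant is effectively a grant of arbitrary root command execution. The following Python audit is an added example, not code from the RaspAP project or from this advisory: it parses sudoers user-specification lines and flags any command whose file, or whose parent directory, the rule's user can write. The sudoers fragment, the www-data uid/gid of 33 and the file ownership tables are constructed to mirror the description and are assumptions, not data from the page.

```python
"""Audit sudoers rules for commands the permitted user can modify.

Added example; not part of RaspAP or of this advisory. The sample sudoers
text, identities and file metadata are constructed (www-data = uid/gid 33).
"""
import os
import re
import stat
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# user  host=(runas) [TAG: ...] command[, command ...]
SUDOERS_RE = re.compile(
    r"^(?P<user>\S+)\s+\S+=(?:\((?P<runas>[^)]*)\))?\s*"
    r"(?P<tags>(?:[A-Z]+:\s*)*)(?P<cmds>.+)$"
)
SKIP_PREFIXES = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")


@dataclass(frozen=True)
class FileMeta:
    uid: int
    gid: int
    mode: int  # permission bits only, e.g. 0o755


@dataclass(frozen=True)
class Identity:
    uid: int
    gid: int
    groups: frozenset  # supplementary group ids


@dataclass(frozen=True)
class Rule:
    user: str
    runas: str
    nopasswd: bool
    commands: Tuple[str, ...]


def parse_sudoers(text: str) -> List[Rule]:
    """Extract user-specification lines; comments, aliases and Defaults are ignored."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(SKIP_PREFIXES):
            continue
        m = SUDOERS_RE.match(line)
        if not m:
            continue
        # Keep only the executable path of each comma-separated command entry.
        cmds = tuple(c.split()[0] for c in m.group("cmds").split(",") if c.strip())
        rules.append(Rule(m.group("user"), m.group("runas") or "root",
                          "NOPASSWD" in m.group("tags"), cmds))
    return rules


def writable_by(meta: FileMeta, ident: Identity) -> bool:
    """Owner/group/other write check for a non-root identity (no ACLs modelled)."""
    if meta.uid == ident.uid and meta.mode & stat.S_IWUSR:
        return True
    if (meta.gid == ident.gid or meta.gid in ident.groups) and meta.mode & stat.S_IWGRP:
        return True
    return bool(meta.mode & stat.S_IWOTH)


def audit(rules: List[Rule], users: Dict[str, Identity],
          lookup: Callable[[str], Optional[FileMeta]]) -> List[str]:
    """Flag rules whose command file or its directory the rule's user can write.

    A writable directory counts too: a root-owned file in it can still be
    replaced by rename (the sticky bit is not modelled here).
    """
    findings = []
    for rule in rules:
        ident = users.get(rule.user)
        if ident is None:
            continue
        for cmd in rule.commands:
            if not cmd.startswith("/"):  # e.g. the ALL keyword
                continue
            reasons = []
            meta = lookup(cmd)
            if meta is not None and writable_by(meta, ident):
                reasons.append("command file writable by " + rule.user)
            parent = lookup(os.path.dirname(cmd))
            if parent is not None and writable_by(parent, ident):
                reasons.append("parent directory writable by " + rule.user)
            if reasons:
                tag = "NOPASSWD" if rule.nopasswd else "password"
                findings.append(f"{rule.user} -> {cmd} as {rule.runas} ({tag}): " + "; ".join(reasons))
    return findings


def stat_from_disk(path: str) -> Optional[FileMeta]:
    """Lookup backed by the real filesystem, for use on a live host."""
    try:
        st = os.stat(path)
    except OSError:
        return None
    return FileMeta(st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode))


# Constructed sample mirroring the described condition (not taken from the page).
SAMPLE_SUDOERS = """
# constructed sudoers fragment
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/enablelog.sh
www-data ALL=(ALL) NOPASSWD:/bin/systemctl restart hostapd
"""
USERS = {"www-data": Identity(uid=33, gid=33, groups=frozenset())}
ROOT_DIR = FileMeta(0, 0, 0o755)
VULNERABLE_FS = {
    "/etc/raspap/hostapd": ROOT_DIR,
    "/etc/raspap/hostapd/enablelog.sh": FileMeta(33, 33, 0o755),  # owned by www-data
    "/bin": ROOT_DIR,
    "/bin/systemctl": FileMeta(0, 0, 0o755),
}
# Same rules, but the script is root-owned and not group/world writable.
HARDENED_FS = {**VULNERABLE_FS, "/etc/raspap/hostapd/enablelog.sh": FileMeta(0, 0, 0o755)}


def audit_sample(fs: Dict[str, FileMeta]) -> List[str]:
    return audit(parse_sudoers(SAMPLE_SUDOERS), USERS, fs.get)


if __name__ == "__main__":
    for line in audit_sample(VULNERABLE_FS) or ["no findings"]:
        print(line)
```

On a live host, pass `stat_from_disk` as the lookup and build the `Identity` for each sudoers user from `pwd`/`os.getgrouplist`; the finding for the constructed vulnerable state disappears once the script is root-owned and not writable by www-data, which is the minimal fix for this class of misconfiguration.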
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Raspap | Raspap | 2.6.6 |
Related Weaknesses (CWE)
References
- https://github.com/RaspAP/raspap-webgui (Product)
- https://github.com/RaspAP/raspap-webgui/blob/fabc48c7daae4013b9888f266332e510b19 (Third Party Advisory)
- https://zerosecuritypenetrationtesting.com/?page_id=306 (Exploit, Third Party Advisory, URL Repurposed)
FAQ
What is CVE-2021-38557?
CVE-2021-38557 is a vulnerability with a CVSS score of 8.8 (HIGH). raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with n...
How severe is CVE-2021-38557?
CVE-2021-38557 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS score section above for the severity rating.
Is there a patch for CVE-2021-38557?
Check the references section above for vendor advisories and patch information. Affected products include: Raspap Raspap (version 2.6.6).