Headline
GHSA-q623-2j2j-23jj: RaspAP allows an attacker to escalate privileges
RaspAP before 3.1.5 allows an attacker to escalate privileges: the www-data user has write access to the restapi.service file and also possesses Sudo privileges to execute several critical commands without a password.
RaspAP allows an attacker to escalate privileges
Critical severity GitHub Reviewed Published Jul 29, 2024 to the GitHub Advisory Database • Updated Jul 29, 2024
Related news
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's