CNNVD-202602-163 Information

CNNVD ID

CNNVD-202602-163

Related CVE

CVE-2026-24788

• CNNVD Published: 2026-02-02

Description (Chinese)

raspap-webgui是RaspAP开源的一个无线路由器设置软件。 raspap-webgui 3.3.6之前版本存在操作系统命令注入漏洞，该漏洞源于容易受到OS命令注入攻击，可能导致执行任意OS命令。

Description (English)

Raspap-webgui is a no-wire router setup software for RaspaP open source. Pre-version of Raspap-webgui 3.3.6 has a loophole in the operating system, which stems from the vulnerability of OS orders to attack and may lead to the execution of arbitrary OS orders.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

RaspAP

Published

2026-02-02

Last Modified

2026-02-24

References

https://jvn.jp/en/jp/JVN27202136/ https://github.com/RaspAP/raspap-webgui/releases https://access.redhat.com/security/cve/cve-2026-24788

Patch

https://raspap.com/