CVE-2023-30260 Information

Description

Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form.

Reference

https://eldstal.se/advisories/230328-raspap.html https://github.com/RaspAP/raspap-webgui/pull/1322