CVE-2024-41637 Information

Description

RaspAP before 3.1.5 allows an attacker to escalate privileges: the www-data user has write access to the restapi.service file and also possesses Sudo privileges to execute several critical commands without a password.

Reference

https://github.com/RaspAP/raspap-webgui https://blog.0xzon.dev/2024-07-27-CVE-2024-41637/