CVE-2024-28753
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
More information : https://dustri.org/b/carrot-disclosure.html
RaspAP (aka raspap-webgui) through 3.0.9 allows remote attackers to read the /etc/passwd file via a crafted request.
More information : https://dustri.org/b/carrot-disclosure.html