Fruitywifi Project Fruitywifi — known CVE vulnerabilities
Every CVE whose affected-product data names Fruitywifi Project Fruitywifi, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-17317 — CVSS 9.8 (critical): FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
CVE-2018-19168 — CVSS 9.8 (critical): Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to…
CVE-2020-24849 — CVSS 8.8 (high): A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from…
CVE-2020-24848 — CVSS 7.8 (high): FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level…
CVE-2020-24847 — CVSS 4.3 (medium): A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in…