Raspap · Raspap · CVE-2024-28753
**Name of the Vulnerable Software and Affected Versions**
RaspAP (aka raspap-webgui) versions 3.0.9 and earlier
**Description**
The issue allows remote attackers to read the /etc/passwd file via a crafted request.
**Recommendations**
For RaspAP (aka raspap-webgui) versions 3.0.9 and earlier, update to a version later than 3.0.9 to resolve the issue.