Apache RCE vulnerability on RPI

The Raspberry Pi is a series of credit card-sized single-board computers developed in the United Kingdom by the Raspberry Pi Foundation to promote the teaching of basic computer science in schools and developing countries.

Post Reply
User avatar
/RaspberryPi
Corporate
Posts: 2449
Joined: Wed Jun 05, 2019 1:29 am

Apache RCE vulnerability on RPI

Post by /RaspberryPi »


Yea, I'm going to search on my own but I thought I'd ask here also.

About a year ago, I had Apache installed on one of my RPIs. I started getting intrusion reports from my router. Since I've learned a bit on TryHackMe, I ran OWASP Zap. It turned up that my Pi had a version of Apache that was vulnerable to Remote Code Execution. Sure enough, someone had tampered with my cameras. I took both of my Pi's off the network and the problem went away. I'm kind of wanting to start using them again and wondered if anyone knew about this vulnerability and if it has been fixed.

I suppose I'll have to just boot them back up and do a apt update and see if there is a new version, back then there wasn't. So this is sort of an ask for help and a heads up to those who may not have known about it.
submitted by /u/WRWhizard
[link] [comments]

Source: https://www.reddit.com/r/raspberry_pi/c ... ty_on_rpi/
/RaspberryPi
Top
Post Reply

Return to “Raspberry Pi Forum”