RaspAP 2.5 Authenticated RCE
You would be able to deduce the name of the application based on Nikto scans, moreover the default credentials for this application are admin:secret.
This exploit will guide the way.
Or check walla for an example.
Last updated