Walla

Exploitation


Last updated 2 years ago

The application was called RaspAP. On browsing to the web server, the application presented an authentication login page.

The application's default credentials were 'admin:secret'.

I used Python to get a reverse shell.

GitHub - gerbsec/CVE-2020-24572-POC: An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS running this software, and execute commands on the system including ones for uploading of files and execution of code.