# CVE-2022-39986 Proof of Concept for RaspAP RCE

Proof of Concept script for exploiting the RaspAP (CVE-2022-39986) vulnerability. This vulnerability allows an attacker to execute arbitrary commands on a target system through `ajax/openvpn/del_ovpncfg.php` API endpoint.

## Usage

1. Clone this repository to your local machine:

   git clone 
   cd RaspAP-CVE-2022-39986-PoC
2. Run the exploit script:

    ```python3 [target IP] [target port] [command/"command with flags"]```


`python3 8080 "ls -la"`

## Disclaimer

This PoC script is provided for educational and research purposes only. The author and contributors are not responsible for any misuse, damage, or illegal activities caused by the use of this script.