Webmin 1.984 File Manager Remote Code Execution
In Webmin version 1.984, any authenticated low privilege user without
access rights to the File Manager module could interact with file manager functionalities such as downloading files from remote URLs and changing
file permissions. It is possible to achieve remote code execution via a
crafted .cgi file by chaining those functionalities in the file manager.
https://packetstormsecurity.com/files/169700/webmin_file_manager_rce.rb.txt
Wed, 02 Nov 2022 15:02:56 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com