Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:10 p.m.18 views

CVE-2020-35606

Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840...

9CVSS8AI score0.77835EPSS
Exploits10
Check Point Advisories
Check Point Advisories
added 2021/01/20 12:0 a.m.69 views

Webmin Command Injection (CVE-2020-35606; CVE-2022-36446)

A command injection vulnerability exists in Webmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.6AI score0.96049EPSS
Exploits10
OpenVAS
OpenVAS
added 2020/12/23 12:0 a.m.31 views

Webmin <= 1.983 RCE Vulnerability

Webmin is prone to a remote code execution RCE vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2020/12/22 12:0 a.m.441 views

Webmin 1.962 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...

9CVSS8.7AI score0.77835EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/12/22 12:0 a.m.594 views

Webmin 1.962 - &#039;Package Updates&#039; Escape Bypass RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...

8.7AI score
Exploits0
Circl
Circl
added 2020/12/21 10:52 p.m.14 views

CVE-2020-35606

creationtimestamp| type| source ---|---|--- 2020-12-21 22:52:17+00:00| seen| https://t.me/cibsecurity/21140 2020-12-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49318 2020-12-31 18:30:13+00:00| seen| https://t.me/CyberSecurityTechnologies/2350 2024-11-14 06:07:39+00:00| seen|...

9CVSS8.2AI score0.28048EPSS
Exploits2References3
OSV
OSV
added 2020/12/21 8:15 p.m.27 views

CVE-2020-35606

Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840...

8.8CVSS7.8AI score
Exploits0References4
CVE
CVE
added 2020/12/21 7:19 p.m.114 views

CVE-2020-35606

CVE-2020-35606 affects Webmin 1.962 and earlier. An authenticated user in the Package Updates module can trigger arbitrary commands with root privileges via vectors involving %0A and %0C, due to an incomplete fix for CVE-2019-12840. Public references describe this as a remote command execution vu...

9CVSS9AI score0.28048EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder