Webmin Edit_html.cgi File Parameter Traversal Arbitrary File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin edithtml.cgi file Parameter Traversal Arbitrary File Access', 'Description' = %q This module exploits a directory traversal in Webmin 1.58...

Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access

This module exploits a directory traversal in Webmin 1.580. The vulnerability exists in the edithtml.cgi component and allows an authenticated user with access to the File Manager Module to access arbitrary files with root privileges. The module has been tested successfully with Webmin 1.580 over...