Privilege escalation in Webmin
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-9624 |
| CWE-ID | CWE-434 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
Webmin Web applications / Remote management & hosting panels |
| Vendor | Webmin |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Dangerous file upload
EUVDB-ID: #VU17929
Risk: Medium
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:F/RL:U/RC:C]
CVE-ID: CVE-2019-9624
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to the application allows uploading of .cgi files via the /updown/upload.cgi URL. A remote authenticated attacker with Java file manager and Upload and Download privileges can upload and execute arbitrary .cgi file on the server with root privileges.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebmin: 0.1 - 1.900
External linkshttp://pentest.com.tr/exploits/Webmin-1900-Remote-Command-Execution.html
http://www.exploit-db.com/exploits/46201
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
