Main Vulnerability Database Exploits ID:9549 - Exploit for Input validation error in Webmin - CVE-2012-2982

ID:9549 - Exploit for Input validation error in Webmin - CVE-2012-2982

Published: February 13, 2024

Vulnerability identifier: #VU43567

Vulnerability risk: Low

CVE-ID: CVE-2012-2982

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Webmin

Link to public exploit:

https://github.com/LeDucKhiem/CVE-2012-2982

Vulnerability description

The vulnerability allows a remote #AU# to read and manipulate data.

file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.

Remediation

Install update from vendor's website.

ID:9549 - Exploit for Input validation error in Webmin - CVE-2012-2982

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human