Main Vulnerability Database Vulnerabilities #VU37431

Path traversal in Webmin - CVE-2018-8712

Published: March 14, 2018 / Updated: August 8, 2020

Vulnerability identifier: #VU37431

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2018-8712

CWE-ID: CWE-22

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Webmin

Affected software:
Webmin

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data from the local system (using Local File Include) such as the '/etc/shadow' file via a "GET /syslog/save_log.cgi?view=1&file=/etc/shadow" request.

How to mitigate CVE-2018-8712

Install update from vendor's website.

Sources

https://www.7elements.co.uk/resources/technical-advisories/webmin-1-840-1-880-unrestricted-access-arbitrary-files-using-local-file-include/

Path traversal in Webmin - CVE-2018-8712

Detailed vulnerability description

How to mitigate CVE-2018-8712

Sources

Please verify you're human