admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2022/CVE-2022-0829.md

24 lines
977 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2022-0829](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0829)
![](https://img.shields.io/static/v1?label=Product&message=webmin%2Fwebmin&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.990%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen)
### Description
Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
### POC
#### Reference
- https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e
- https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
- https://github.com/garthhumphreys/cvehound
- https://github.com/gokul-ramesh/WebminRCE-exploit
- https://github.com/kh4sh3i/Webmin-CVE
- https://github.com/pizza-power/golang-webmin-CVE-2022-0824-revshell
Reference in New Issue Copy Permalink