cve/2012/CVE-2012-2982.md

### [CVE-2012-2982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2982)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.

### POC

#### Reference
- http://www.kb.cert.org/vuls/id/788478

#### Github
- https://github.com/0xF331-D3AD/CVE-2012-2982
- https://github.com/0xTas/CVE-2012-2982
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AlexJS6/CVE-2012-2982_Python
- https://github.com/Ari-Weinberg/CVE-2012-2982
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CpyRe/CVE-2012-2982
- https://github.com/Dawnn3619/CVE-2012-2982
- https://github.com/Hackgodybj/Webmin_RCE_version-1.580
- https://github.com/JohnHammond/CVE-2012-2982
- https://github.com/LeDucKhiem/CVE-2012-2982
- https://github.com/Mithlonde/Mithlonde
- https://github.com/OstojaOfficial/CVE-2012-2982
- https://github.com/R00tendo/CVE-2012-2982
- https://github.com/SlizBinksman/CVE_2012-2982
- https://github.com/Will-Banksy/My-Exploits
- https://github.com/alien-keric/webmin-v1.580-exploit
- https://github.com/blu3ming/CVE-2012-2982
- https://github.com/cd6629/CVE-2012-2982-Python-PoC
- https://github.com/kirilla/python
- https://github.com/tera-si/PoC-scripts-in-GO
- https://github.com/wizardy0ga/CVE_2012-2982
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2012-2982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2982)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a \| (pipe) character.`

			`### POC`

			`#### Reference`
			`- http://www.kb.cert.org/vuls/id/788478`

			`#### Github`
			`- https://github.com/0xF331-D3AD/CVE-2012-2982`
			`- https://github.com/0xTas/CVE-2012-2982`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/AlexJS6/CVE-2012-2982_Python`
			`- https://github.com/Ari-Weinberg/CVE-2012-2982`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CpyRe/CVE-2012-2982`
			`- https://github.com/Dawnn3619/CVE-2012-2982`
			`- https://github.com/Hackgodybj/Webmin_RCE_version-1.580`
			`- https://github.com/JohnHammond/CVE-2012-2982`
			`- https://github.com/LeDucKhiem/CVE-2012-2982`
			`- https://github.com/Mithlonde/Mithlonde`
			`- https://github.com/OstojaOfficial/CVE-2012-2982`
			`- https://github.com/R00tendo/CVE-2012-2982`
			`- https://github.com/SlizBinksman/CVE_2012-2982`
			`- https://github.com/Will-Banksy/My-Exploits`
			`- https://github.com/alien-keric/webmin-v1.580-exploit`
			`- https://github.com/blu3ming/CVE-2012-2982`
			`- https://github.com/cd6629/CVE-2012-2982-Python-PoC`
			`- https://github.com/kirilla/python`
			`- https://github.com/tera-si/PoC-scripts-in-GO`
			`- https://github.com/wizardy0ga/CVE_2012-2982`