### [CVE-2012-2982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2982)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.

### POC

#### Reference
- http://www.kb.cert.org/vuls/id/788478

#### Github
- https://github.com/0xF331-D3AD/CVE-2012-2982
- https://github.com/0xTas/CVE-2012-2982
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AlexJS6/CVE-2012-2982_Python
- https://github.com/Ari-Weinberg/CVE-2012-2982
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CpyRe/CVE-2012-2982
- https://github.com/Dawnn3619/CVE-2012-2982
- https://github.com/Hackgodybj/Webmin_RCE_version-1.580
- https://github.com/JohnHammond/CVE-2012-2982
- https://github.com/LeDucKhiem/CVE-2012-2982
- https://github.com/Mithlonde/Mithlonde
- https://github.com/OstojaOfficial/CVE-2012-2982
- https://github.com/R00tendo/CVE-2012-2982
- https://github.com/Shadow-Spinner/CVE-2012-2982_python
- https://github.com/SlizBinksman/CVE_2012-2982
- https://github.com/Will-Banksy/My-Exploits
- https://github.com/alien-keric/webmin-v1.580-exploit
- https://github.com/blu3ming/CVE-2012-2982
- https://github.com/cd6629/CVE-2012-2982-Python-PoC
- https://github.com/elliotosama/CVE-2012-2982
- https://github.com/kirilla/python
- https://github.com/tera-si/PoC-scripts-in-GO
- https://github.com/wizardy0ga/CVE_2012-2982