cve/2022/CVE-2022-0829.md

CVE-2022-0829

Description

Improper Authorization in GitHub repository webmin/webmin prior to 1.990.

POC

Reference

• https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e
• https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
• https://github.com/garthhumphreys/cvehound
• https://github.com/gokul-ramesh/WebminRCE-exploit
• https://github.com/kh4sh3i/Webmin-CVE
• https://github.com/pizza-power/golang-webmin-CVE-2022-0824-revshell