mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
1.4 KiB
1.4 KiB
CVE-2019-12840
Description
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
POC
Reference
- http://packetstormsecurity.com/files/153372/Webmin-1.910-Remote-Command-Execution.html
- https://pentest.com.tr/exploits/Webmin-1910-Package-Updates-Remote-Command-Execution.html
- https://www.exploit-db.com/exploits/46984
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Awrrays/FrameVul
- https://github.com/InesMartins31/iot-cves
- https://github.com/KrE80r/webmin_cve-2019-12840_poc
- https://github.com/Pol-Ruiz/PoC-CVE-2019-12840
- https://github.com/WizzzStark/CVE-2019-12840.py
- https://github.com/anasbousselham/webminscan
- https://github.com/anquanscan/sec-tools
- https://github.com/bkaraceylan/CVE-2019-12840_POC
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/zAbuQasem/CVE-2019-12840