automatic module_metadata_base.json update
This commit is contained in:
parent
f25b1fa4d7
commit
66d31c91d9
|
@ -70339,6 +70339,67 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/webmin_file_manager_rce": {
|
||||
"name": "Webmin File Manager RCE",
|
||||
"fullname": "exploit/linux/http/webmin_file_manager_rce",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2022-02-26",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"faisalfs10x",
|
||||
"jheysel-r7"
|
||||
],
|
||||
"description": "In Webmin version 1.984, any authenticated low privilege user without access rights to\n the File Manager module could interact with file manager functionalities such as downloading files from remote URLs and\n changing file permissions. It is possible to achieve Remote Code Execution via a crafted .cgi file by chaining those\n functionalities in the file manager.",
|
||||
"references": [
|
||||
"URL-https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295/",
|
||||
"URL-https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell",
|
||||
"CVE-2022-0824"
|
||||
],
|
||||
"platform": "Linux",
|
||||
"arch": "",
|
||||
"rport": 10000,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"Automatic (Unix In-Memory)"
|
||||
],
|
||||
"mod_time": "2022-10-27 11:26:31 +0000",
|
||||
"path": "/modules/exploits/linux/http/webmin_file_manager_rce.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/http/webmin_file_manager_rce",
|
||||
"check": true,
|
||||
"post_auth": true,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_linux/http/webmin_package_updates_rce": {
|
||||
"name": "Webmin Package Updates RCE",
|
||||
"fullname": "exploit/linux/http/webmin_package_updates_rce",
|
||||
|
|
Loading…
Reference in New Issue