Back to main page

Webmin Package Updates Remote Command Execution

Category:

Application vulnerabilities

Sub-category:

Application exploits

Severity:

high

Description:

Detects the use of a Metasploit Framework module that exploits an arbitrary command execution vulnerability in Webmin 1.910 and lower versions. Any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges.