← voltar
CVE-2019-15107

CVE-2019-15107

CVSS 9.8 CRITICALEPSS 99.8%● KEVCWE-78
Em resumo

O Webmin versão 1.920 e anteriores possuem uma falha que permite executar comandos arbitrários no servidor através da função de troca de senha. Isso é crítico porque dá controle total sobre o sistema afetado.

Detalhe técnico

O parâmetro 'old' em password_change.cgi contém uma vulnerabilidade de injeção de comando do sistema operacional (CWE-78), permitindo que atacantes executem comandos arbitrários com os privilégios do processo Webmin. A exploração requer acesso à rede da interface Webmin e pode resultar em comprometimento completo do sistema.

Resumo gerado e traduzido por IA a partir da descrição oficial.
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · n/a
PoCs públicas encontradas46
githubgithub.com/jas502n/CVE-2019-1510765githubgithub.com/MuirlandOracle/CVE-2019-1510755githubgithub.com/K3ysTr0K3R/CVE-2019-15107-EXPLOIT10githubgithub.com/hannob/webminex8githubgithub.com/n0obit4/Webmin_1.890-POC8githubgithub.com/ruthvikvegunta/CVE-2019-151076githubgithub.com/AdministratorGithub/CVE-2019-151075githubgithub.com/Mattb709/CVE-2019-15107-Scanner3githubgithub.com/AleWong/WebminRCE-EXP-CVE-2019-15107-3githubgithub.com/squid22/Webmin_CVE-2019-151073githubgithub.com/whokilleddb/CVE-2019-151073githubgithub.com/NasrallahBaadi/CVE-2019-151073githubgithub.com/wenruoya/CVE-2019-151072githubgithub.com/HACHp1/webmin_docker_and_exp2githubgithub.com/MasterCode112/CVE-2019-151071githubgithub.com/TheAlpha19/MiniExploit1githubgithub.com/Rayferrufino/Make-and-Break1githubgithub.com/Mattb709/CVE-2019-15107-Webmin-RCE-PoC1githubgithub.com/D4rkScare/CVE-2019-151070githubgithub.com/ketlerd/CVE-2019-151070githubgithub.com/ianxtianxt/CVE-2019-151070githubgithub.com/ch4ko/webmin_CVE-2019-151070githubgithub.com/cdedmondson/Modified-CVE-2019-151070githubgithub.com/diegojuan/CVE-2019-151070githubgithub.com/darrenmartyn/CVE-2019-151070githubgithub.com/hacknotes/CVE-2019-15107-Exploit0githubgithub.com/CyberTuz/CVE-2019-15107_detection0githubgithub.com/hadrian3689/webmin_1.9200githubgithub.com/f0rkr/CVE-2019-151070githubgithub.com/psw01/CVE-2019-15107_webminRCE0githubgithub.com/g1vi/CVE-2019-151070githubgithub.com/gozn/detect-CVE-2019-15107-by-pyshark0githubgithub.com/h4ck0rman/CVE-2019-151070githubgithub.com/olingo99/CVE-2019-151070githubgithub.com/0x4r2/Webmin-CVE-2019-151070githubgithub.com/EdouardosStav/CVE-2019-15107-RCE-WebMin0githubgithub.com/bayazid-bit/CVE-2019-151070githubgithub.com/ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability0githubgithub.com/adampawelczyk/cve-2019-151070githubgithub.com/viglia/cve-2019-151070cve_referencewww.exploit-db.com/exploits/47230não verificadocve_referencepacketstormsecurity.com/files/154141/Webmin-1.920-Remote-Command-Execution.htmlnão verificadocve_referencepacketstormsecurity.com/files/154485/Webmin-1.920-Remote-Code-Execution.htmlnão verificadocve_referencepacketstormsecurity.com/files/154197/Webmin-1.920-password_change.cgi-Backdoor.htmlnão verificadocve_referencepacketstormsecurity.com/files/154141/Webmin-Remote-Comman-Execution.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/47293não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/154141/Webmin-1.920-Remote-Command-Execution.htmlhttp://packetstormsecurity.com/files/154141/Webmin-Remote-Comman-Execution.htmlhttp://packetstormsecurity.com/files/154197/Webmin-1.920-password_change.cgi-Backdoor.htmlhttp://packetstormsecurity.com/files/154485/Webmin-1.920-Remote-Code-Execution.htmlhttps://attackerkb.com/topics/hxx3zmiCkR/webmin-password-change-cgi-command-injectionhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-15107https://www.exploit-db.com/exploits/47230http://www.pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.htmlhttp://www.webmin.com/security.html