Vulnerability identifier: #VU43567
Vulnerability risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:L/PR:/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Webmin
Web applications /
Remote management & hosting panels
Vendor: Webmin
Description
The vulnerability allows a remote #AU# to read and manipulate data.
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Webmin: 1.140 - 1.580
External links
http://americaninfosec.com/research/index.html
http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf
http://www.kb.cert.org/vuls/id/788478
http://www.securitytracker.com/id?1027507
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
http://github.com/webmin/webmin/commit/1f1411fe7404ec3ac03e803cfa7e01515e71a213
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.