anasbousselham

2 exploits Active since Jun 2019
CVE-2020-35606 NOMISEC HIGH SUSPICIOUS
Webmin <= 1.962 - Authenticated Remote Command Execution via Package Updates Module
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
CVSS 8.8
CVE-2019-12840 NOMISEC HIGH SUSPICIOUS
Webmin < 1.910 - Authenticated Remote Command Execution via Package Updates Module
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
CVSS 8.8