CVE-2017-15646

MEDIUM

Webmin < 1.860 - Stored Cross-Site Scripting and Remote Code Execution via File Manager Download from Remote URL


Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-15646. PoCs published by hyp3rlinx.

AI-analyzed exploit summary

The exploit demonstrates an XSS vulnerability in Webmin 1.850 that leads to remote command execution by manipulating the 'Download from remote URL' feature. It also includes CSRF and SSRF vectors: CSRF for scheduling arbitrary commands, and SSRF for server-side request forgery.

Description

Webmin before 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file download request and then send an XSS payload that will lead to Remote Code Execution, as demonstrated by an OS command in the value attribute of a name='cmd' input element.

Exploits (1)

exploitdb · Working PoC
by hyp3rlinx · text · webapps · cgi
https://www.exploit-db.com/exploits/42989


Classification
Working PoC (90% confidence)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Webmin 1.850
No auth needed
Prerequisites: Network access to the Webmin interface · Victim must interact with the malicious server
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Vendor Advisory x_refsource_misc
http://www.webmin.com/security.html
Exploit, Third Party Advisory x_refsource_misc
https://blogs.securiteam.com/index.php/archives/3430
Release Notes, Vendor Advisory x_refsource_misc
http://www.webmin.com/changes.html

Scores

CVSS v3 6.1
EPSS 0.0481
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
webmin/webmin < 1.850
Published Oct 19, 2017
Tracked Since Feb 18, 2026