CVE-2019-12840

This Metasploit module exploits CVE-2019-12840, a command injection vulnerability in Webmin's Package Updates feature, allowing authenticated users to execute arbitrary commands with root privileges.

This repository contains a functional exploit for CVE-2019-12840, a remote command execution vulnerability in Webmin's Package Updates feature. The exploit authenticates with valid credentials, then injects commands via the update.cgi endpoint to achieve RCE.

This repository contains a functional Python exploit for CVE-2019-12840, an authenticated remote command execution vulnerability in Webmin's Package Updates feature. The exploit chains authentication bypass and command injection via crafted HTTP requests.

This repository contains a functional Node.js exploit for CVE-2019-12840, targeting Webmin <= 1.910. The exploit performs authenticated remote command execution via command injection in the package updates feature, establishing a reverse shell.

This repository contains a functional exploit for CVE-2019-12840, a remote code execution vulnerability in Webmin <= 1.910. The exploit leverages a command injection flaw in the package-updates module, allowing authenticated users to execute arbitrary commands or obtain a reverse shell.

This repository contains a functional Python exploit for CVE-2019-12840, an authenticated RCE vulnerability in Webmin's Package Updates feature. The PoC authenticates to Webmin and injects commands via the package update mechanism, providing a fake shell interface.

This repository contains a functional exploit for CVE-2019-12840, an authenticated remote code execution vulnerability in Webmin 1.910. The exploit leverages the 'Package Updates' feature to execute arbitrary commands via a crafted payload, resulting in a reverse shell.

The repository claims to be a scanner for CVE-2020-35606 and CVE-2019-12840 but contains no actual code or technical details. It appears to be a placeholder or lure.

This Metasploit module exploits CVE-2019-12840, a remote command execution vulnerability in Webmin 1.910 and earlier. It authenticates with provided credentials, checks for the 'Package Updates' privilege, and executes arbitrary commands via a crafted POST request to the package-updates endpoint.