CVE-2019-15642

HIGH EXPLOITED NUCLEI

Webmin < 1.920 - Authenticated Remote Code Execution via unserialise_variable Eval Call

Title source: llm

Exploitation Summary

CVE-2019-15642 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including jas502n. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a functional Python exploit for CVE-2019-15642, a remote code execution vulnerability in Webmin. The exploit leverages the RPC endpoint to execute arbitrary commands on the target system, requiring valid credentials for authentication.

Description

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users."

Exploits (1)

nomisec · WORKING POC · 33 stars
by jas502n · remote-auth
https://github.com/jas502n/CVE-2019-15642

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Webmin 1.910
Auth required
Prerequisites: Valid Webmin credentials · Access to the Webmin RPC endpoint
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

Webmin < 1.920 - Authenticated Remote Code Execution
HIGH · VERIFIED · by pussycat0x
Shodan: title:"Webmin" || http.title:"webmin"
FOFA: title="webmin"

Scores

CVSS v3 8.8
EPSS 0.3804
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-01-17
CWE CWE-94
Status published
Products (1)
webmin/webmin < 1.920
Published Aug 26, 2019
Tracked Since Feb 18, 2026