CVE-2021-31760

HIGH

Webmin 1.973 - Cross-Site Request Forgery to Remote Command Execution via Running Process Feature

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-31760. PoCs published by electronicbots, Mesh3l911.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-31760, which leverages a CSRF vulnerability in Webmin to achieve remote command execution (RCE). The exploit generates a malicious HTML file that, when opened by an authenticated Webmin admin, executes a reverse shell payload.

Description

Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.

Exploits (2)

nomisec WORKING POC 2 stars
by electronicbots · poc
https://github.com/electronicbots/CVE-2021-31760

This repository contains a functional exploit for CVE-2021-31760, which leverages a CSRF vulnerability in Webmin to achieve remote command execution (RCE). The exploit generates a malicious HTML file that, when opened by an authenticated Webmin admin, executes a reverse shell payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Webmin 1.973
Auth required
Prerequisites: Authenticated Webmin admin session · Target Webmin path · Attacker-controlled IP and port for reverse shell
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 2 stars
by Mesh3l911 · poc
https://github.com/Mesh3l911/CVE-2021-31760

This repository contains a functional exploit for CVE-2021-31760, which leverages a CSRF vulnerability in Webmin to achieve remote command execution (RCE). The exploit generates a malicious HTML file that, when visited by an authenticated Webmin admin, executes a reverse shell payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Webmin 1.973
Auth required
Prerequisites: Authenticated Webmin admin session · Target Webmin path · Attacker-controlled IP and port for reverse shell
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
https://github.com/webmin/webmin
Exploit, Third Party Advisory x_refsource_misc
https://youtu.be/D45FN8QrzDo
Third Party Advisory x_refsource_misc
https://github.com/electronicbots/CVE-2021-31760
Third Party Advisory x_refsource_misc
https://github.com/Mesh3l911/CVE-2021-31760

Scores

CVSS v3 8.8
EPSS 0.0852
EPSS Percentile 94.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
webmin/webmin 1.973
Published Apr 25, 2021
Tracked Since Feb 18, 2026