CVE-2024-44762

MEDIUM NUCLEI

Webmin Usermin <2.100 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-44762. PoCs published by Kjesper, arbaaz29. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit performs username enumeration in Usermin <= 2.100 by leveraging differential error messages in the password change functionality. It sends POST requests with fake credentials and checks for specific error responses to identify valid usernames.

Description

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts.

Exploits (3)

exploitdb WORKING POC
by Kjesper · pythonwebappsmultiple
https://www.exploit-db.com/exploits/52254

This exploit performs username enumeration in Usermin <= 2.100 by leveraging differential error messages in the password change functionality. It sends POST requests with fake credentials and checks for specific error responses to identify valid usernames.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Usermin <= 2.100
No auth needed
Prerequisites: Network access to the Usermin interface · A wordlist of potential usernames
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Kjesper · pythonwebappsperl
https://www.exploit-db.com/exploits/52114

This exploit performs username enumeration in Webmin Usermin <= 2.100 by leveraging a password change endpoint that leaks user existence via distinct error messages. It iterates through a wordlist and checks responses for specific strings indicating valid or invalid usernames.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Webmin Usermin <= 2.100
No auth needed
Prerequisites: Network access to the Usermin interface · A wordlist of potential usernames
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by arbaaz29 · poc
https://github.com/arbaaz29/CVE-2024-44762-webmin-userenum

This script exploits CVE-2024-44762, a username enumeration vulnerability in Usermin 2.100. It sends crafted POST requests to the password_change.cgi endpoint and checks for specific error messages to determine valid usernames.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Usermin 2.100
No auth needed
Prerequisites: Network access to the Usermin interface · A wordlist of potential usernames
devstral-2 · analyzed Feb 19, 2026 Full analysis →

Nuclei Templates (1)

Usermin 2.100 - Username Enumeration
MEDIUMVERIFIEDby ritikchaddha
Shodan: title:"Usermin"
FOFA: app="Usermin"

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0250
EPSS Percentile 82.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-209
Status published
Products (1)
webmin/usermin 2.100
Published Oct 16, 2024
Tracked Since Feb 18, 2026