daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2022/CVE-2022-0824.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-03-21 16:24:53 -04:00
parent dfe32596dc
commit db76f31205
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/2022/CVE-2022-0824.yaml
View File

@ -4,12 +4,12 @@ info:
name: Webmin <1.990 - Improper Access Control
author: cckuailong
severity: high
description: Webmin before 1.990 is susceptible to improper access control in GitHub repository webmin/webmin.
description: Webmin before 1.990 is susceptible to improper access control in GitHub repository webmin/webmin. This in turn can lead to remote code execution, by which an attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
reference:
- https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell/blob/main/Webmin-revshell.py
- https://nvd.nist.gov/vuln/detail/CVE-2022-0824
- https://github.com/webmin/webmin/commit/39ea464f0c40b325decd6a5bfb7833fa4a142e38
- https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295
- https://nvd.nist.gov/vuln/detail/CVE-2022-0824
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8