CVSS Base Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Detection Type: exploit
Solution Type: Vendor Patch
Summary: Webmin is prone to a remote code execution (RCE) vulnerability.
Detection Method: Checks if a vulnerable version is present on the target host.
Technical Details: The parameter old in password_change.cgi contains a command injection
vulnerability. The password change module has to be enabled to be exploitable.
Impact: Successful exploitation would allow an authorized attacker to gain
control over the target system.
Affected Versions: Webmin versions 1.882 to 1.921.
Recommendations: Update to version 1.930 or later.
Web application abuses
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
Foxit Studio Photo Version Detection (Windows)
Debian LTS Advisory ([SECURITY] [DLA 1955-1] tcpdump security update)
Debian LTS Advisory ([SECURITY] [DLA 1956-1] ruby-openid security update)
Fedora Update for SDL2 FEDORA-2019-8ef33a69ca
Fedora Update for krb5 FEDORA-2019-dc4e1d0fb6
openSUSE Update for the openSUSE-SU-2019:2307-1 (the)
Ubuntu Update for octavia USN-4153-1
Debian LTS Advisory ([SECURITY] [DLA 1954-1] lucene-solr security update)
Debian LTS Advisory ([SECURITY] [DLA 1953-1] clamav security update)
Microsoft Windows Multiple Vulnerabilities (KB4519338)
Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage your vulnerabilities.