.. / CVE-2022-36446

Exploit for Webmin <1.997 - Authenticated Remote Code Execution (CVE-2022-36446)

Description:

Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.

Nuclei Template

View the template here CVE-2022-36446.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-36446.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-36446
https://github.com/webmin/webmin/compare/1.996...1.997
https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165
https://www.exploit-db.com/exploits/50998
http://packetstormsecurity.com/files/167894/Webmin-1.996-Remote-Code-Execution.html