Webmin Critical Security vulnerabilities (CVE-2021-31760, CVE-2021-31761, CVE-2021-31762)

Webmin is a web-based system administration tool for Unix-like servers, and services with over 1,000,000 installations worldwide. Using Webmin, you can configure operating system internals, such as users, disk quotas, services, or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more. … Continue reading “Webmin Critical Security vulnerabilities (CVE-2021-31760, CVE-2021-31761, CVE-2021-31762)”

Webmin Remote Code Execution Vulnerability

Webmin version 1.882 to 1.921 is vulnerable to Unauthenticated Remote Code Execution Vulnerability. This vulnerability exists in the reset password function that allows a malicious attacker to execute malicious code due to lack of input validation. The targets which have the setting “user password change enabled” are exploitable. This vulnerability has been assigned CVE-2019-15107. Vulnerability … Continue reading “Webmin Remote Code Execution Vulnerability”