Webmin - Remote Command Execution Vulnerability

 

We have been made aware of a remotely exploitable vulnerability in Webmin versions 1.882 to 1.921 that allows an attacker to run arbitrary commands on the server. The parameter old in password_change.cgi contains a command injection flaw: a crafted value for that parameter is executed as a command on the host. Because password_change.cgi is reachable before login, no Webmin credentials are needed, and the injected command runs with the privileges of the Webmin server process, which is normally root.

Version 1.890 is vulnerable in its default install, whereas the other versions in that range are only vulnerable if changing of expired passwords is enabled (the passwd_mode= setting in miniserv.conf), which is not the case by default.

 

Mitigation

Webmin has released the patched version 1.930. Webmin version 1.890 is vulnerable in a default install and should be upgraded immediately; the workaround below does not apply to it. For versions 1.900 to 1.920, if an upgrade is not possible right away, the workaround is to edit /etc/webmin/miniserv.conf, remove the passwd_mode= line, and restart Webmin by running /etc/webmin/restart. This disables the expired-password change feature until the upgrade is done; confirm afterwards that no passwd_mode= line remains in the file, and plan the upgrade to 1.930 in any case.
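The version check and the workaround described above, as an added example script that is not part of this advisory or of Webmin itself. It assumes the standard Webmin locations /etc/webmin/version and /etc/webmin/miniserv.conf (passed in as parameters so it can be tried on constructed files), and the function names, the sample config and its passwd_mode=2 value are all hypothetical; the advisory removes the line whatever it is set to.

```shell
#!/bin/sh
# Added example (not ProHosterz or Webmin project code): classify a Webmin
# install against CVE-2019-15107 and apply the advisory's workaround of
# removing the passwd_mode= line from miniserv.conf.
# On a real host the inputs are /etc/webmin/version and
# /etc/webmin/miniserv.conf (assumed standard locations).

# Turn a version string such as "1.890" into the integer 1890 so the
# affected range can be compared with -ge / -le.
ver_num() {
    printf '%s\n' "$1" | awk -F. '{ printf "%d%03d\n", $1, substr($2 "000", 1, 3) }'
}

# Print the exposure class for a version string and a miniserv.conf path:
#   patched       - 1.930 or later
#   vulnerable    - exploitable as installed: 1.890, or 1.882-1.921 with
#                   passwd_mode= present in the config
#   workaround    - in the affected range but passwd_mode= already removed
#   outside_range - not in the range this advisory covers
webmin_status() {
    n=$(ver_num "$1")
    conf="$2"
    if [ "$n" -ge 1930 ]; then
        echo patched
    elif [ "$n" -eq 1890 ]; then
        echo vulnerable
    elif [ "$n" -ge 1882 ] && [ "$n" -le 1921 ]; then
        if grep -q '^passwd_mode=' "$conf" 2>/dev/null; then
            echo vulnerable
        else
            echo workaround
        fi
    else
        echo outside_range
    fi
}

# Remove every passwd_mode= line from the config, keeping a .bak copy.
# Returns 0 if a line was removed, 1 if there was nothing to do.
apply_workaround() {
    conf="$1"
    grep -q '^passwd_mode=' "$conf" || return 1
    cp "$conf" "$conf.bak"
    grep -v '^passwd_mode=' "$conf.bak" > "$conf" || true
    return 0
}

# The advisory's final step on a real host; not run in the demo below.
restart_webmin() {
    [ -x /etc/webmin/restart ] && /etc/webmin/restart
}

# Constructed sample (not a real host): a 1.900 install with expired-password
# changing enabled, i.e. the non-default case the advisory describes.
demo_dir=$(mktemp -d)
printf '1.900\n' > "$demo_dir/version"
printf 'port=10000\npasswd_mode=2\nssl=1\n' > "$demo_dir/miniserv.conf"
ver=$(cat "$demo_dir/version")

echo "1.900 before workaround: $(webmin_status "$ver" "$demo_dir/miniserv.conf")"
apply_workaround "$demo_dir/miniserv.conf"
echo "1.900 after workaround:  $(webmin_status "$ver" "$demo_dir/miniserv.conf")"
echo "1.890 (default install): $(webmin_status 1.890 "$demo_dir/miniserv.conf")"
echo "1.930 (patched):         $(webmin_status 1.930 "$demo_dir/miniserv.conf")"
rm -rf "$demo_dir"
```

Run it as root on the Webmin host with `webmin_status "$(cat /etc/webmin/version)" /etc/webmin/miniserv.conf`; only if that prints vulnerable and the version is not 1.890 does `apply_workaround /etc/webmin/miniserv.conf` followed by `restart_webmin` buy any time, and the upgrade to 1.930 still has to follow.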

We at ProHosterz IT Solutions always encourage our customers to follow security best practices and keep their systems updated, protected and patched against known vulnerabilities.

 

Official Security Advisories
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15107

If you have any queries regarding the patching/updates on ProHosterz infrastructure, kindly contact us.

Best regards,
ProHosterz IT Solutions



Wednesday, August 21, 2019




