APP: Webmin Upload Authenticated RCE
This signature detects attempts to exploit a known vulnerability against Webmin. A successful attack can lead to arbitrary code execution.
Extended Description
Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Affected Products
Webmin webmin
References
CVE: CVE-2019-9624
URL: https://pentest.com.tr/exploits/Webmin-1900-Remote-Command-Execution.html
Short Name
APP:MISC:WEBADMIN-UPLOAD-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Authenticated CVE-2019-9624 RCE Upload Webmin
Release Date
01/04/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3453
False Positive
Unknown
Vendors
Webmin
CVSS Score
6.8