HTTP: Webmin CGI xhr-get_autocompletes Handling Command Injection
This signature detects attempts to exploit a known vulnerability against Webmin. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of CGI requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22346.
Short Name
HTTP:CTS:WEBMIN-CGI-CMD-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CGI CVE-2024-12828 Command Handling Injection Webmin xhr-get_autocompletes
Release Date
05/30/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3813
False Positive
Unknown