HTTP: Webmin Package Updates update.cgi Command Injection
This signature detects attempts to exploit a known vulnerability against Webmin. A successful attack can lead to arbitrary code execution.
Extended Description
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.
Affected Products
Webmin webmin
References
CVE: CVE-2020-35606
Short Name
HTTP:CTS:WEBMIN-PCKG-CMD-INJ
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2020-35606 Command Injection Package Updates Webmin update.cgi
Release Date
01/21/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3348
False Positive
Unknown
Vendors
Webmin
CVSS Score
9.0