Vulnerability in Gentoo Webmin
CVE-2012-2982
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
EPSS: 0.828 (99.3th percentile)
Affected products
- Gentoo Webmin — versions 1.140, 1.150, 1.160
- N/a — versions n/a
Public proof-of-concept exploits
- JohnHammond/CVE-2012-2982
- cd6629/CVE-2012-2982-Python-PoC
- 0xTas/CVE-2012-2982
- OstojaOfficial/CVE-2012-2982
- JRrooot/CVE-2012-2982-Webmin-RCE
- Gvmyz/CVE-2012-2982_Python
- marinovharisan/Webmin-1.580---file-show.cgi-Manual-Remote-Command-Execution-Non-Metasploit-
- boriitoo/CVE-2012-2982
- SincIDK/CVE-2012-2982-Exploit-Script
- lpuv/CVE-2012-2982
References
- cret@cert.org (x_refsource_MISC)
- VU#788478 (x_refsource_CERT-VN, US Government Resource, Patch, third-party-advisory)
- cret@cert.org (x_refsource_CONFIRM, Exploit, Patch)
- 1027507 (vdb-entry, x_refsource_SECTRACK)
- cret@cert.org (x_refsource_MISC)
- cret@cert.org (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2012-2982?
- CVE-2012-2982 is a vulnerability in Gentoo Webmin. Published 2012-09-11.
- Is CVE-2012-2982 known to be exploited?
- 42 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.