
CVE-2022-36446

Published: 25/07/2022 Updated: 06/10/2022
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

software/apt-lib.pl in Webmin prior to 1.997 lacks HTML escaping for a UI command.

Vulnerable Product

webmin webmin

Vendor Advisories

Check Point Reference: CPAI-2022-0517 Date Published: 3 Jan 2023 Severity: Critical ...

Exploits

Webmin version 1.996 suffers from an authenticated remote code execution vulnerability ...
This Metasploit module exploits an arbitrary command injection in Webmin versions prior to 1.997. Webmin uses the OS package manager (apt, yum, etc.) to perform package updates and installation. Due to a lack of input sanitization, it is possible to inject an arbitrary command that will be concatenated to the package manager call. This exploit requ ...

Github Repositories

CVE-2022-36446 - Webmin 1.996 Remote Code Execution

CVE-2022-36446 - Webmin 1.996 Remote Code Execution. Access to the "Software Package Updates" module is required to trigger the vulnerability. Users with access to this module can run commands with root privileges on the system by performing OS Command Injection during a new package installation. HTTP Request: POST /package-updates/update.cgi HTTP/1.1 Ho

A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.

A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. Features: Supports HTTP and HTTPS (even with self-signed certificates with --insecure); Single command execution with --command option; Interactive console with --interactive option. Usage: $ ./CVE-2022-36446.py -h CVE-2022-36446 - Webmin <

This is a script for version detection of Webmin remote server interface.

CVE_2022_36446: a Python script for version detection of Webmin remote server interface. Features: [X]: Check CVE-2022-36446 for a url; [X]: Check CVE-2022-36446 for an IP / Auto-Detection for Redirect URL. Usage. Requirements: requests, bs4. References: nvd.nist.gov/vuln/detail/CVE-2022-36446, cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36446

Project implementing and analyzing 2 vulnerabilities on the Webmin platform: research and exploitation of the vulnerabilities CVE-2019-15107 and CVE-2022-36446